PT-2013-5027 · Red Hat · Red Hat Enterprise Mrg Grid

Tomáš Nováčik

Publicado

2013-12-23

Atualizado

2021-07-15

CVE-2013-4461

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise MRG Grid version 2.4

Description A SQL injection issue exists in the web interface for cumin, allowing remote attackers to execute arbitrary SQL commands. This is related to vectors involving the "filtering table operator."

Recommendations For Red Hat Enterprise MRG Grid version 2.4, update the software to a version that includes a fix for this issue, as no specific workaround is provided.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2013-4461

RHSA-2013:1851

RHSA-2013:1852

Produtos afetados

Red Hat Enterprise Mrg Grid

PT-2013-5027 · Red Hat · Red Hat Enterprise Mrg Grid

CVE-2013-4461

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4