PT-2014-3090 · Ibm · Ibm Global Retention Policy/Schedule Management+2
Publicado
2014-01-10
·
Atualizado
2015-07-28
·
CVE-2013-6321
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
IBM Atlas eDiscovery Process Management versions 6.0.1.5 and earlier and 6.0.2
IBM Disposal and Governance Management for IT versions 6.0.1.5 and earlier and 6.0.2
IBM Global Retention Policy and Schedule Management versions 6.0.1.5 and earlier and 6.0.2
Description
A SQL injection issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Recommendations
For IBM Atlas eDiscovery Process Management versions 6.0.1.5 and earlier and 6.0.2, update to a version later than 6.0.2.
For IBM Disposal and Governance Management for IT versions 6.0.1.5 and earlier and 6.0.2, update to a version later than 6.0.2.
For IBM Global Retention Policy and Schedule Management versions 6.0.1.5 and earlier and 6.0.2, update to a version later than 6.0.2.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Atlas Ediscovery Process Management
Ibm Disposal/Governance Management For It
Ibm Global Retention Policy/Schedule Management