PT-2014-5800 · Nice · Nice Recording Express

Publicado

2014-06-18

Atualizado

2014-06-19

CVE-2014-4305

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions NICE Recording eXpress (aka Cybertech eXpress) versions 6.5.7 and earlier

Description The issue allows remote attackers to execute arbitrary SQL commands, potentially leading to unauthorized data access or modification. The exact vectors used for the attack are not specified.

Recommendations For versions 6.5.7 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2014-4305

Produtos afetados

Nice Recording Express

PT-2014-5800 · Nice · Nice Recording Express

CVE-2014-4305

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3