PT-2017-18024 · Infor · Infor Eam
Publicado
2017-05-16
·
Atualizado
2017-08-13
·
CVE-2017-7952
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
INFOR EAM version 11.0 Build 201410
Description
The issue is related to SQL injection via search fields. It is specifically tied to the
filtervalue parameter.Recommendations
For INFOR EAM version 11.0 Build 201410, avoid using the
filtervalue parameter in search fields until a fix is available. As a temporary workaround, consider restricting access to search functionality to minimize the risk of exploitation.Exploit
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Infor Eam