PT-2018-17910 · Hewlett Packard · Hpe Device Entitlement Gateway

Publicado

2018-09-27

Atualizado

2018-11-21

CVE-2018-7107

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HPE Device Entitlement Gateway versions 3.2.4 through 3.3.1

Description A potential security issue has been identified that could be remotely exploited, allowing local SQL injection and elevation of privilege.

Recommendations For versions 3.2.4 through 3.3.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2018-7107

Produtos afetados

Hpe Device Entitlement Gateway

PT-2018-17910 · Hewlett Packard · Hpe Device Entitlement Gateway

CVE-2018-7107

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3