PT-2018-4204 · Unify · Openscape Deployment Service

Publicado

2018-03-19

Atualizado

2018-04-20

CVE-2014-2652

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions OpenScape Deployment Service (DLS) versions prior to 6.x OpenScape Deployment Service (DLS) versions 7.x prior to R1.11.3

Description The issue allows remote attackers to execute arbitrary SQL commands.

Recommendations For OpenScape Deployment Service (DLS) versions prior to 6.x, update to version 6.x or later. For OpenScape Deployment Service (DLS) versions 7.x prior to R1.11.3, update to version 7.x R1.11.3 or later.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2014-2652

Produtos afetados

Openscape Deployment Service

PT-2018-4204 · Unify · Openscape Deployment Service

CVE-2014-2652

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2