PT-2018-4204 · Unify · Openscape Deployment Service

Published

2018-03-19

Updated

2018-04-20

CVE-2014-2652

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions OpenScape Deployment Service (DLS) versions prior to 6.x OpenScape Deployment Service (DLS) versions 7.x prior to R1.11.3

Description The issue allows remote attackers to execute arbitrary SQL commands.

Recommendations For OpenScape Deployment Service (DLS) versions prior to 6.x, update to version 6.x or later. For OpenScape Deployment Service (DLS) versions 7.x prior to R1.11.3, update to version 7.x R1.11.3 or later.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2014-2652

Affected Products

Openscape Deployment Service

PT-2018-4204 · Unify · Openscape Deployment Service

CVE-2014-2652

Weakness Enumeration

Related Identifiers

Affected Products

References · 2