← Voltar para CVEs
CVE-2018-18285
N/ADescricao
SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the login interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado4/25/2019
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
mitel:cmg_suite
Fraquezas (CWE)
CWE-89
Referencias
https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-19-0003-001.pdf(cve@mitre.org)
https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-adivsory-19-0003-001(cve@mitre.org)
https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-19-0003-001.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-adivsory-19-0003-001(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.