Lucene search

[email protected]CVE-2002-0554

HistoryJul 03, 2002 - 4:00 a.m.

CVE-2002-0554

2002-07-0304:00:00

[email protected]

web.nvd.nist.gov

ibm

informix

web datablade

sql injection

http request

security exploit

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.8%

JSON

webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request.

Affected configurations

NVD

Node

ibminformix_web_databladeMatch4.10

ibminformix_web_databladeMatch4.11

ibminformix_web_databladeMatch4.12

CPENameOperatorVersion
ibm:informix_web_databladeibm informix web databladeeq4.10
ibm:informix_web_databladeibm informix web databladeeq4.11
ibm:informix_web_databladeibm informix web databladeeq4.12

CPE	Name	Operator	Version
ibm:informix_web_datablade	ibm informix web datablade	eq	4.10
ibm:informix_web_datablade	ibm informix web datablade	eq	4.11
ibm:informix_web_datablade	ibm informix web datablade	eq	4.12

References

archives.neohapsis.com/archives/bugtraq/2002-04/0135.html

www.iss.net/security_center/static/8826.php

www.securityfocus.com/bid/4496

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.8%

JSON

Related for CVE-2002-0554

cvelist1 nvd1