CVE-2006-3430
8.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.5%
SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter.
References
lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.html
secunia.com/advisories/20876
secunia.com/advisories/20878
securityreason.com/securityalert/1200
securitytracker.com/id?1016405
www.securityfocus.com/archive/1/438710/100/0/threaded
www.securityfocus.com/bid/18715
www.vupen.com/english/advisories/2006/2595
www.vupen.com/english/advisories/2006/2596
exchange.xforce.ibmcloud.com/vulnerabilities/27545
Related
8.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.014 Low
EPSS
Percentile
86.5%