ID CVE-2011-1328Type cveReporter cve@mitre.orgModified 2017-08-17T01:34:00
Description
SQL injection vulnerability in RADVISION iVIEW Suite before 7.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
{"id": "CVE-2011-1328", "bulletinFamily": "NVD", "title": "CVE-2011-1328", "description": "SQL injection vulnerability in RADVISION iVIEW Suite before 7.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.", "published": "2011-05-24T23:55:00", "modified": "2017-08-17T01:34:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1328", "reporter": "cve@mitre.org", "references": ["http://jvndb.jvn.jp/jvndb/JVNDB-2011-000030", "http://jvn.jp/en/jp/JVN77697803/index.html", "http://jvn.jp/en/jp/JVN77697803/995139/index.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/67556", "http://secunia.com/advisories/44634", "http://www.osvdb.org/72410"], "cvelist": ["CVE-2011-1328"], "type": "cve", "lastseen": "2020-12-09T19:39:05", "edition": 5, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "jvn", "idList": ["JVN:77697803"]}], "modified": "2020-12-09T19:39:05", "rev": 2}, "score": {"value": 7.2, "vector": "NONE", "modified": "2020-12-09T19:39:05", "rev": 2}, "vulnersScore": 7.2}, "cpe": ["cpe:/a:radvision:iview_suite:7.0", "cpe:/a:radvision:iview_suite:5.5", "cpe:/a:radvision:iview_suite:7.1", "cpe:/a:radvision:iview_suite:5.7"], "affectedSoftware": [{"cpeName": "radvision:iview_suite", "name": "radvision iview suite", "operator": "le", "version": "7.1"}, {"cpeName": "radvision:iview_suite", "name": "radvision iview suite", "operator": "eq", "version": "5.7"}, {"cpeName": "radvision:iview_suite", "name": "radvision iview suite", "operator": "eq", "version": "7.0"}, {"cpeName": "radvision:iview_suite", "name": "radvision iview suite", "operator": "eq", "version": "5.5"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:radvision:iview_suite:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:radvision:iview_suite:5.5:*:*:*:*:*:*:*", "cpe:2.3:a:radvision:iview_suite:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:radvision:iview_suite:5.7:*:*:*:*:*:*:*"], "cwe": ["CWE-89"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:radvision:iview_suite:5.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:radvision:iview_suite:5.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:radvision:iview_suite:7.1:*:*:*:*:*:*:*", "versionEndIncluding": "7.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:radvision:iview_suite:7.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}}
{"jvn": [{"lastseen": "2019-05-29T17:21:51", "bulletinFamily": "info", "cvelist": ["CVE-2011-1328"], "description": "\n ## Description\n\niVIEW Suite provided by RADVISION is a software to manage video conference systems in SCOPIA. iVIEW Suite contains a SQL injection vulnerability. \n\n\n ## Impact\n\nA remote attacker may view or alter the information on the system. \n\n\n ## Solution\n\n**Update the Software** \nUpdate to the latest version according to the information provided by the distributor. \n\n\n ## Products Affected\n\n * iVIEW Suite prior to v7.5\n", "edition": 4, "modified": "2011-05-20T00:00:00", "published": "2011-05-19T00:00:00", "id": "JVN:77697803", "href": "http://jvn.jp/en/jp/JVN77697803/index.html", "title": "JVN#77697803: iVIEW Suite vulnerable to SQL injection", "type": "jvn", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
