Lucene search

[email protected]CVE-2011-1913

HistorySep 22, 2011 - 10:55 a.m.

CVE-2011-1913

2011-09-2210:55:01

CWE-89

[email protected]

web.nvd.nist.gov

cve-2011-1913

sql injection

mercator sentinel 2.0

web interface

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.7%

JSON

SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD

Node

mercatorsentinelMatch2.0

CPENameOperatorVersion
mercator:sentinelmercator sentineleq2.0

CPE	Name	Operator	Version
mercator:sentinel	mercator sentinel	eq	2.0

References

cert.netpeas.org/2011/06/cert-nps2011005-vulnerabilite-potentielle-dans-la-solution-de-gestion-de-la-securite-operationnelle-des-compagnies-aeriennes-%C2%AB-sentinel-safety-information-management-system-%C2%BB/

cert.netpeas.org/2011/06/cert-nps2011005-vulnerabilite-potentielle-dans-la-solution-de-gestion-de-la-securite-operationnelle-des-compagnies-aeriennes-suite/

secunia.com/advisories/46014

www.kb.cert.org/vuls/id/122142

www.securityfocus.com/bid/49638

exchange.xforce.ibmcloud.com/vulnerabilities/69847

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for CVE-2011-1913

prion1 nvd1 cert1 cvelist1