Lucene search

[email protected]CVE-2012-1061

HistoryFeb 14, 2012 - 12:55 a.m.

CVE-2012-1061

2012-02-1400:55:01

CWE-89

[email protected]

web.nvd.nist.gov

cve-2012-1061

sql injection

gforge advanced server

nvd

vulnerability

remote attackers

sql commands

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.4%

JSON

SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD

Node

gforgegroupgforgeMatch6.0.0

CPENameOperatorVersion
gforgegroup:gforgegforgegroup gforgeeq6.0.0

CPE	Name	Operator	Version
gforgegroup:gforge	gforgegroup gforge	eq	6.0.0

References

gforgegroup.wordpress.com/2012/02/03/gforge-as-6_0_1-release/

osvdb.org/78928

secunia.com/advisories/47587

www.securityfocus.com/bid/51912

exchange.xforce.ibmcloud.com/vulnerabilities/73085

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.4%

JSON

Related for CVE-2012-1061

prion1 ubuntucve1 cvelist1 nvd1