Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3577
cve-2013-3577
sql injection
wave embassy
remote administration server
eras
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.3%
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote attackers to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field).
Affected configurations
Node
waveembassy_remote_administration_serverMatch-
ORwaveembassy_remote_administration_server_help_deskMatch-
References
Related
cvelist
cvelist
CVE-2013-3577
2022-10-03 16:14:46
prion
prion
Sql injection
2013-07-15 20:55:00
nvd
nvd
CVE-2013-3577
2013-07-15 20:55:03
cert
cert
Wave EMBASSY Remote Administration Server SQL injection vulnerabilities
2013-07-12 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
42.3%
Related for CVE-2013-3577