Lucene search

K
cve[email protected]CVE-2014-2949
HistoryJun 18, 2014 - 4:55 p.m.

CVE-2014-2949

2014-06-1816:55:07
CWE-89
web.nvd.nist.gov
20
cve-2014-2949
sql injection
f5 arx
data manager
nvd
web service

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.1%

SQL injection vulnerability in the web service in F5 ARX Data Manager 3.0.0 through 3.1.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD
Node
f5arx_data_managerMatch3.0.0
OR
f5arx_data_managerMatch3.1.0

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.1%

Related for CVE-2014-2949