Lucene search

K
cve[email protected]CVE-2015-5452
HistoryJul 08, 2015 - 3:59 p.m.

CVE-2015-5452

2015-07-0815:59:04
CWE-89
web.nvd.nist.gov
18
cve-2015-5452
sql injection
watchguard xcs
remote attack
arbitrary sql commands

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.054 Low

EPSS

Percentile

93.2%

SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.

Affected configurations

NVD
Node
watchguardxcsMatch9.2
OR
watchguardxcsMatch10.0

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.054 Low

EPSS

Percentile

93.2%

Related for CVE-2015-5452