Lucene search
MitreCVE-2021-26837HistorySep 19, 2023 - 12:15 a.m.
CVE-2021-26837
2023-09-1900:15:33
CWE-89
mitre
web.nvd.nist.gov
23
cve-2021-26837
sql injection
fortra
delivernow
vulnerability
security
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.001
Percentile
45.9%
SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive information.
Affected configurations
Node
fortradelivernowRange<1.2.18
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fortra | delivernow | * | cpe:2.3:a:fortra:delivernow:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2021-26837
2023-09-19 00:15:33
cvelist
cvelist
CVE-2021-26837
2023-09-18 00:00:00
prion
prion
Sql injection
2023-09-19 00:15:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.001
Percentile
45.9%
Related for CVE-2021-26837