CVE-2019-11363

2019-08-2920:01:30

mitre

www.cve.org

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

44.5%

JSON

A SQL injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to execute arbitrary SQL commands via the AgentConsole/UserGroupQuery.php ShowUser parameter.

References

prophecyinternational.atlassian.net/wiki/spaces/SC7/pages/158760961/Release+Notes+for+Snare+Central+v7.4.5