Lucene search
Japan Vulnerability NotesJVN:58615092HistoryOct 29, 2015 - 12:00 a.m.
JVN#58615092: Enisys Gw vulnerable to SQL injection
2015-10-2900:00:00
Japan Vulnerability Notes
jvn.jp
21
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
49.1%
Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw contains an SQL injection vulnerability (CWE-89).
Impact
Information stored in the database may be obtained or altered by a remote unauthenticated attacker.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Enisys Gw 1.4.0 and earlier
Related
cvelist
cvelist
CVE-2015-5668
2015-10-29 10:00:00
prion
prion
Sql injection
2015-10-29 11:59:00
nvd
nvd
CVE-2015-5668
2015-10-29 11:59:08
cve
cve
CVE-2015-5668
2015-10-29 11:59:08
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
49.1%
Related for JVN:58615092