Lucene search
Japan Vulnerability NotesJVN:97995841HistoryJun 01, 2012 - 12:00 a.m.
JVN#97995841: Segue vulnerable to SQL injection
2012-06-0100:00:00
Japan Vulnerability Notes
jvn.jp
15
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
56.8%
Segue is a content management system. Segue contains a SQL injection vulnerability.
Impact
A remote, unauthenticated attacker may bypass authentication and login as an administrator.
Solution
Do not use Segue
Segue services will no longer be available after August 31, 2012.
Refer to the information provided by the developer for data migration.
Products Affected
- Segue
Related
nvd
nvd
CVE-2012-1255
2012-06-04 17:55:01
prion
prion
Sql injection
2012-06-04 17:55:00
cvelist
cvelist
CVE-2012-1255
2012-06-04 17:00:00
cve
cve
CVE-2012-1255
2012-06-04 17:55:01
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.002
Percentile
56.8%
Related for JVN:97995841