Lucene search
HistoryMar 24, 2014 - 4:38 p.m.
CVE-2014-2587
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.012
Percentile
85.5%
SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka user parameter).
Affected configurations
Node
mcafeeasset_managerMatch6.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mcafee | asset_manager | 6.6 | cpe:2.3:a:mcafee:asset_manager:6.6:*:*:*:*:*:*:* |
Related
checkpoint_advisories
checkpoint_advisories
McAfee Asset Manager ReportsAudit.jsp Input Validation Error (CVE-2014-2587)
2014-04-28 00:00:00
cve
cve
CVE-2014-2587
2014-03-24 16:38:59
cvelist
cvelist
CVE-2014-2587
2014-03-23 18:00:00
prion
prion
Sql injection
2014-03-24 16:38:00
openvas
openvas
McAfee Asset Manager Multiple Vulnerabilities
2014-04-17 00:00:00
exploitdb
exploitdb
McAfee Asset Manager 6.6 - Multiple Vulnerabilities
2014-03-19 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.012
Percentile
85.5%
Related for NVD:CVE-2014-2587