Lucene search
K

7 matches found

vulnersOsv
vulnersOsv
added 2018/10/18 5:40 p.m.5 views

ai.grakn:grakn-orientdb-factory (=0.10.0), ai.grakn:orientdb-factory (>=0.11.0 <=0.16.0) +120 more potentially affected by CVE-2017-11467 via com.orientechnologies:orientdb-core (>=1.0 <=2.2.22)

com.orientechnologies:orientdb-core MAVEN version =1.0, =0.11.0, =0.0.7, =0.0.5, =0.8, =0.4, =3.0.0.M1, =0.13, =0.13, =1.0, =1.0, =1.6.5, =2.2.22 and more Source cves: CVE-2017-11467 Source advisory: OSV:GHSA-XM6R-4466-MR74...

10CVSS7.2AI score0.73071EPSS
Exploits4
Circl
Circl
added 2018/02/02 3:26 p.m.22 views

CVE-2017-11467

creationtimestamp| type| source ---|---|--- 2018-02-02 15:26:37+00:00| exploited| https://t.me/SecLabNews/1444 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/orientdbexec.rb 2020-10-09 15:17:37+00:00| seen|...

10CVSS8.6AI score0.73071EPSS
Exploits4References2
VulnCheck KEV
VulnCheck KEV
added 2018/02/01 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-11467

OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request...

10CVSS7.6AI score0.73071EPSS
Exploits4References1
CVE
CVE
added 2017/07/20 12:0 a.m.121 views

CVE-2017-11467

OrientDB 2.2.x is affected by CVE-2017-11467: the product fails to enforce privilege requirements during where, fetchplan, and order by operations, enabling remote attackers to run arbitrary OS commands via a crafted request. Impact is consistent with a high-severity command-injection-style vulne...

10CVSS9.6AI score0.73071EPSS
Exploits4References2Affected Software1
Metasploit
Metasploit
added 2017/07/18 3:53 p.m.44 views

OrientDB 2.2.x Remote Code Execution

This module leverages a privilege escalation on OrientDB to execute unsandboxed OS commands. All versions from 2.2.2 up to 2.2.22 should be vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

9.8CVSS1.6AI score0.73071EPSS
Exploits4
exploitpack
exploitpack
added 2017/07/13 12:0 a.m.40 views

OrientDB - Code Execution

OrientDB - Code Execution Vulnerability Summary The following advisory reports a vulnerability in OrientDB which allows users of the product to cause it to execute code. OrientDB is a Distributed Graph Database engine with the flexibility of a Document Database all in one product. The first and...

10CVSS0.3AI score0.73071EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/07/13 12:0 a.m.72 views

OrientDB - Code Execution

Vulnerability Summary The following advisory reports a vulnerability in OrientDB which allows users of the product to cause it to execute code. OrientDB is a Distributed Graph Database engine with the flexibility of a Document Database all in one product. The first and best scalable,...

10CVSS7AI score0.73071EPSS
Exploits4
Rows per page
Query Builder