Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61831
HistoryMar 18, 2014 - 12:00 a.m.

McAfee Email Gateway/McAfee Email和Web Security Appliance多个SQL注入漏洞

2014-03-1800:00:00
Root
www.seebug.org
16

0.004 Low

EPSS

Percentile

75.0%

JSON

CVE ID:CVE-2013-7092

McAfee Email Gateway是一款电子邮件解决方案。McAfee Email and Web Security Appliance用于智能化的垃圾邮件和恶意软件防护。

通过"events_col", "event_id", "reason", "events_order", "emailstatus_order"和"emailstatus_col" JSON键值提交给/admin/cgi-bin/rpc/doReport/18的输入在用于SQL查询之前缺少过滤,允许远程攻击者利用漏洞提交特制的SQL查询,操作或获取数据库数据。
0
McAfee Email and Web Security Appliance 5.x
McAfee Email Gateway 7.x
用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞:
https://kc.mcafee.com/corporate/index?page=content&id=SB10064

Related

prion 3
cve 3
cvelist 3
nvd 3
seebug 1
nessus 1
openvas 1
prion
prion
Sql injection
2013-12-13 18:07:00
Command injection
2013-12-14 17:21:00
Command injection
2013-12-14 17:21:00
cve
cve
CVE-2013-7092
2013-12-13 18:07:54
CVE-2013-7103
2013-12-14 17:21:47
CVE-2013-7104
2013-12-14 17:21:47
cvelist
cvelist
CVE-2013-7092
2013-12-13 18:00:00
CVE-2013-7103
2013-12-14 17:00:00
CVE-2013-7104
2013-12-14 17:00:00
nvd
nvd
CVE-2013-7092
2013-12-13 18:07:54
CVE-2013-7103
2013-12-14 17:21:47
CVE-2013-7104
2013-12-14 17:21:47
seebug
seebug
McAfee Email Gateway/McAfee Email and Web Security Appliance SQL注入漏洞
2014-03-14 00:00:00
nessus
nessus
McAfee Email Gateway Multiple Vulnerabilities (SB10064)
2014-03-27 00:00:00
openvas
openvas
McAfee Email Gateway Multiple Vulnerabilities
2016-07-14 00:00:00

0.004 Low

EPSS

Percentile

75.0%

JSON
Related for SSV:61831
prion3cve3cvelist3nvd3seebug1nessus1openvas1