Ubuntu.comUB:CVE-2022-4093CVE-2022-4093
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
51.3%
SQL injection attacks can result in unauthorized access to sensitive data,
such as passwords, credit card details, or personal user information. Many
high-profile data breaches in recent years have been the result of SQL
injection attacks, leading to reputational damage and regulatory fines. In
some cases, an attacker can obtain a persistent backdoor into an
organization’s systems, leading to a long-term compromise that can go
unnoticed for an extended period. This affect 16.0.1 and 16.0.2 only.
16.0.0 or lower, and 16.0.3 or higher are not affected
Notes
| Author | Note |
|---|---|
| rodrigo-zaiden | dolibarr was removed from Debian in 2018 and Ubuntu latest version is for Xenial, based on 3.5.8+dfsg1. more info can be found in: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890598 |
References
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
51.3%