CVE-2013-0701

Sažetak

SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege.

Reference

http://cs.cybozu.co.jp/information/20130125up02.php
http://jvn.jp/en/jp/JVN07629635/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000007

CVSS

Base:	6.0
Impact:	6.4
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

14-02-2013 - 12:11

Objavljeno

14-02-2013 - 12:11