CVE-2018-0685

Sažetak

SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via HTTP requests for mail search.

Reference

http://jvn.jp/en/jp/JVN00344155/index.html
https://www.denbun.com/en/imap/support/security/181003.html
https://www.denbun.com/en/pop/support/security/181003.html

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

17-12-2018 - 15:14

Objavljeno

15-11-2018 - 15:29