CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-8002

HIGH
8.8
CVSS Severity Score
EPSS Score0.0400%
EPSS Percentile35.12th
Published2017年7月9日
Last Modified2026年5月13日

Vulnerability Description

EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands.

Affected Platforms (CPE)

📦
Emc

Data Protection Advisor

<= 6.3

References & Advisories

🔗 http://seclists.org/fulldisclosure/2017/Jul/12
🔗 http://www.securityfocus.com/bid/99487
🔗 http://www.securitytracker.com/id/1038841
🔗 http://seclists.org/fulldisclosure/2017/Jul/12
🔗 http://www.securityfocus.com/bid/99487
🔗 http://www.securitytracker.com/id/1038841

相关漏洞威胁

CVE-2017-80139.8

EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwo...

CVE-2020-53528.8

Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious...

CVE-2017-109558.8

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection Advisor 6....

CVE-2018-110488.1

Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2....