Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.
References
Link | Resource |
---|---|
https://community.rapid7.com/community/infosec/blog/2015/12/16/multiple-disclosures-for-multiple-network-management-systems | Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Sep 2021, 10:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:castle_rock_computing:snmpc:9.0:*:*:*:enterprise:*:*:* |
cpe:2.3:a:castlerock:snmpc:9.0:*:*:*:enterprise:*:*:* cpe:2.3:a:castlerock:snmpc:12.1:*:*:*:online:*:*:* |
Information
Published : 2017-04-10 03:59
Updated : 2024-02-04 19:11
NVD link : CVE-2015-6028
Mitre link : CVE-2015-6028
CVE.ORG link : CVE-2015-6028
JSON object : View
Products Affected
castlerock
- snmpc
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')