Lucene search

MitreCVE-2005-2440

HistoryAug 03, 2005 - 4:00 a.m.

CVE-2005-2440

2005-08-0304:00:00

mitre

web.nvd.nist.gov

cve-2005-2440

sql injection

thomson web skill vantage manager

remote attackers

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.005

Percentile

76.7%

JSON

SQL injection vulnerability in login.asp in Thomson Web Skill Vantage Manager allows remote attackers to execute arbitrary SQL commands via the svmPassword parameter.

Affected configurations

Nvd

Node

thomson_netgweb_skill_vantage_managerMatch2.5

VendorProductVersionCPE
thomson_netgweb_skill_vantage_manager2.5cpe:2.3:a:thomson_netg:web_skill_vantage_manager:2.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
thomson_netg	web_skill_vantage_manager	2.5	cpe:2.3:a:thomson_netg:web_skill_vantage_manager:2.5:::::::*

References

marc.info/?l=bugtraq&m=112258777107822&w=2

secunia.com/advisories/16268/

www.osvdb.org/18330

www.securityfocus.com/bid/14409

exchange.xforce.ibmcloud.com/vulnerabilities/21637

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.005

Percentile

76.7%

JSON

Related for CVE-2005-2440