Lucene search

MitreCVE-2006-5744

HistoryNov 06, 2006 - 6:07 p.m.

CVE-2006-5744

2006-11-0618:07:00

mitre

web.nvd.nist.gov

cve-2006-5744

sql injection

highwall enterprise

highwall endpoint

remote attackers

access point

malicious system operator

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

Low

EPSS

0.002

Percentile

60.4%

JSON

Multiple SQL injection vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 management interface allow remote attackers to execute arbitrary SQL commands via an Access Point with a crafted SSID, and via unspecified vectors related to a malicious system operator.

Affected configurations

Nvd

Node

mobilesecure_inchighwall_endpointMatch4.0.2.11045

mobilesecure_inchighwall_enterpriseMatch4.0.2.11045

VendorProductVersionCPE
mobilesecure_inchighwall_endpoint4.0.2.11045cpe:2.3:a:mobilesecure_inc:highwall_endpoint:4.0.2.11045:*:*:*:*:*:*:*
mobilesecure_inchighwall_enterprise4.0.2.11045cpe:2.3:a:mobilesecure_inc:highwall_enterprise:4.0.2.11045:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mobilesecure_inc	highwall_endpoint	4.0.2.11045	cpe:2.3:a:mobilesecure_inc:highwall_endpoint:4.0.2.11045:::::::*
mobilesecure_inc	highwall_enterprise	4.0.2.11045	cpe:2.3:a:mobilesecure_inc:highwall_enterprise:4.0.2.11045:::::::*

References

www.osvdb.org/29916

www.securityfocus.com/archive/1/449118/100/200/threaded

www.securityfocus.com/archive/1/449739/100/100/threaded

www.securityfocus.com/bid/20605

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

Low

EPSS

0.002

Percentile

60.4%

JSON

Related for CVE-2006-5744