Lucene search
MitreCVE-2007-6168HistoryNov 29, 2007 - 1:46 a.m.
CVE-2007-6168
2007-11-2901:46:00
CWE-89
mitre
web.nvd.nist.gov
25
cve-2007-6168
sql injection
vu case manager
remote attackers
arbitrary sql commands
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.003
Percentile
70.2%
SQL injection vulnerability in default.asp in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the username parameter, a different vector than CVE-2007-6143. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected configurations
Node
vucase_manager
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vu | case_manager | * | cpe:2.3:a:vu:case_manager:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2007-6168
2007-11-29 01:46:00
CVE-2007-6143
2007-11-27 19:46:00
prion
prion
Sql injection
2007-11-29 01:46:00
Sql injection
2007-11-27 19:46:00
cvelist
cvelist
CVE-2007-6168
2007-11-29 01:00:00
CVE-2007-6143
2007-11-27 19:00:00
cve
cve
CVE-2007-6143
2007-11-27 19:46:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.003
Percentile
70.2%
Related for CVE-2007-6168