NVD

Id
33137  
Name
CVE-2014-5502  
Description
The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode.  
Reject
 
CVSS Version
2  
CVSS Score
9  
Severity
High  
CVSS Base Score
9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2014-10-07  
Modified Date
2014-10-08  
Seq
2014-5502  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
173760 33137 CVE-2014-5502 http://kb.cyberoam.com/default.asp?id=3049  View
173761 33137 CVE-2014-5502 http://www.zerodayinitiative.com/advisories/ZDI-14-328/  View
173762 33137 CVE-2014-5502 http://www.zerodayinitiative.com/advisories/ZDI-14-331/  View
173763 33137 CVE-2014-5502 http://www.zerodayinitiative.com/advisories/ZDI-14-332/  View
173764 33137 CVE-2014-5502 http://www.zerodayinitiative.com/advisories/ZDI-14-333/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
15723 JVNDB-2014-004598 Sophos Cyberoam アプライアンスの CyberoamOS における任意のコマンドを挿入される脆弱性 Sophos Cyberoam アプライアンスの CyberoamOS には、任意のコマンドを挿入される脆弱性が存在します。 CVE-2014-5502 72792 CVE-2014-5502 33137 9 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004598.html 2014-09-15 2014-10-09 View