NVD

Id
34697  
Name
CVE-2014-7289  
Description
SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-01-21  
Modified Date
2017-01-02  
Seq
2014-7289  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
178804 34697 CVE-2014-7289 http://packetstormsecurity.com/files/130060/Symantec-SDCS-SA-SCSP-XSS-Bypass-SQL-Injection-Disclosure.html  View
178805 34697 CVE-2014-7289 20150122 SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP  View
178806 34697 CVE-2014-7289 20150122 SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP  View
178807 34697 CVE-2014-7289 72092  View
178808 34697 CVE-2014-7289 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150119_00  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
18874 JVNDB-2014-007749 Symantec Critical System Protection および Symantec Data Center Security: Server Advanced の管理サーバにおける SQL インジェクションの脆弱性 Symantec Critical System Protection (SCSP) および Symantec Data Center Security: Server Advanced (SDCS:SA) の管理サーバには、SQL インジェクションの脆弱性が存在します。 CVE-2014-7289 74582 CVE-2014-7289 34697 6.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007749.html 2014-10-02 2015-01-23 View