eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the job_id parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NFireeye Email Malware Protection System
APPFireeye9.0.1.923211Fireeye Ex 3500
HWFireeyewszystkie wersje
Powiązane podatności
Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Exploitation of this vulnerability allows ...
eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attack...
eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection atta...
Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnera...
XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker ...