Vulnerability Details CVE-2015-1605
Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) GetClientPackage.aspx or (2) GetProcessedPackage.aspx.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/72697
- http://www.zerodayinitiative.com/advisories/ZDI-15-048/
- http://www.zerodayinitiative.com/advisories/ZDI-15-049/
- http://www.securityfocus.com/bid/72697
- http://www.zerodayinitiative.com/advisories/ZDI-15-048/
- http://www.zerodayinitiative.com/advisories/ZDI-15-049/
Products affected by CVE-2015-1605
-
cpe:2.3:a:dell:asset_manager:9.0.0