Vulnerability Details CVE-2015-1605
Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) GetClientPackage.aspx or (2) GetProcessedPackage.aspx.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 87.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/72697
- http://www.zerodayinitiative.com/advisories/ZDI-15-048/
- http://www.zerodayinitiative.com/advisories/ZDI-15-049/
- http://www.securityfocus.com/bid/72697
- http://www.zerodayinitiative.com/advisories/ZDI-15-048/
- http://www.zerodayinitiative.com/advisories/ZDI-15-049/
Products affected by CVE-2015-1605
-
cpe:2.3:a:dell:asset_manager:9.0.0