CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5349

The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 9.3

References

Products affected by CVE-2015-5349

Apache » Directory Studio » Version: 1.0.0

cpe:2.3:a:apache:directory_studio:1.0.0
Apache » Directory Studio » Version: 1.0.1

cpe:2.3:a:apache:directory_studio:1.0.1
Apache » Directory Studio » Version: 1.1.0

cpe:2.3:a:apache:directory_studio:1.1.0
Apache » Directory Studio » Version: 1.2.0

cpe:2.3:a:apache:directory_studio:1.2.0
Apache » Directory Studio » Version: 1.3.0

cpe:2.3:a:apache:directory_studio:1.3.0
Apache » Directory Studio » Version: 1.4.0

cpe:2.3:a:apache:directory_studio:1.4.0
Apache » Directory Studio » Version: 1.5.0

cpe:2.3:a:apache:directory_studio:1.5.0
Apache » Directory Studio » Version: 1.5.1

cpe:2.3:a:apache:directory_studio:1.5.1
Apache » Directory Studio » Version: 1.5.2

cpe:2.3:a:apache:directory_studio:1.5.2
Apache » Directory Studio » Version: 1.5.3

cpe:2.3:a:apache:directory_studio:1.5.3
Apache » Directory Studio » Version: 2.0.0

cpe:2.3:a:apache:directory_studio:2.0.0
Apache » Ldap Studio » Version: 0.6.0

cpe:2.3:a:apache:ldap_studio:0.6.0
Apache » Ldap Studio » Version: 0.7.0

cpe:2.3:a:apache:ldap_studio:0.7.0
Apache » Ldap Studio » Version: 0.8.0

cpe:2.3:a:apache:ldap_studio:0.8.0
Apache » Ldap Studio » Version: 0.8.1

cpe:2.3:a:apache:ldap_studio:0.8.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5349

Products

Pricing

Contact Us