CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14851

A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELECT query. The attack allows for authentication bypass.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.06

EPSS Ranking 90.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/108167
https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
https://www.orpak.com
http://www.securityfocus.com/bid/108167
https://ics-cert.us-cert.gov/advisories/ICSA-19-122-01
https://www.orpak.com

Products affected by CVE-2017-14851

Orpak » Siteomat » Version: Any

cpe:2.3:a:orpak:siteomat:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14851

Products

Pricing

Contact Us