Vulnerability Details CVE-2018-16803
In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://twitter.com/DC3VDP/status/1083359509995753473
- https://www.linkedin.com/feed/update/urn:li:activity:6489145511902212096/
- https://www.websec.nl/news.php
- https://twitter.com/DC3VDP/status/1083359509995753473
- https://www.linkedin.com/feed/update/urn:li:activity:6489145511902212096/
- https://www.websec.nl/news.php
Products affected by CVE-2018-16803
-
cpe:2.3:a:cimtechniques:cimscan:6.0.5814
-
cpe:2.3:a:cimtechniques:cimscan:6.2