CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-25034

eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sort_by, search{URL], or search[attachment] parameter to the email search feature.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.1%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-031.txt
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-031.txt

Products affected by CVE-2020-25034

Fireeye » Email Malware Protection System » Version: N/A

cpe:2.3:a:fireeye:email_malware_protection_system:-
Fireeye » Email Malware Protection System » Version: 8.4.3.908134

cpe:2.3:a:fireeye:email_malware_protection_system:8.4.3.908134
Fireeye » Ex 3500 » Version: N/A

cpe:2.3:h:fireeye:ex_3500:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25034

Products

Pricing

Contact Us