CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35122

An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 4.0

References

https://bitbucket.org/keysight/keysight-plugins-for-atlassian-products/wiki/Confluence%20Plugins/Database%20Plugin
https://bitbucket.org/keysight/keysight-plugins-for-atlassian-products/wiki/Confluence%20Plugins/Database%20Plugin

Products affected by CVE-2020-35122

Keysight » Keysight Database Connector » Version: Any

cpe:2.3:a:keysight:keysight_database_connector:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35122

Products

Pricing

Contact Us