CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-28970

eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the job_id parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-006.txt
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-006.txt

Products affected by CVE-2021-28970

Fireeye » Email Malware Protection System » Version: 9.0.1.923211

cpe:2.3:a:fireeye:email_malware_protection_system:9.0.1.923211
Fireeye » Ex 3500 » Version: N/A

cpe:2.3:h:fireeye:ex_3500:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-28970

Products

Pricing

Contact Us