CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-3864

Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.2%

CVSS Severity

CVSS v3 Score 7.2

References

https://community.snowsoftware.com/s/feed/0D56M00009gUexuSAC
https://community.snowsoftware.com/s/feed/0D56M00009gUexuSAC

Products affected by CVE-2023-3864

Snowsoftware » Snow License Manager » Version: 9.27

cpe:2.3:a:snowsoftware:snow_license_manager:9.27
Snowsoftware » Snow License Manager » Version: 9.29

cpe:2.3:a:snowsoftware:snow_license_manager:9.29
Snowsoftware » Snow License Manager » Version: 9.30

cpe:2.3:a:snowsoftware:snow_license_manager:9.30
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3864

Products

Pricing

Contact Us