Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3122

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-3122
Last Modified 05 Sep 2008 05:42:08
Published 10 Jul 2008 02:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-3122

Summary

Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors.

Vulnerable Systems

Application

  • Xerox Centreware Web 1.0

  • Xerox Centreware Web 2.0

  • Xerox Centreware Web 3

  • Xerox Centreware Web 4.6.42


References

XF - xerox-centreware-unspecified-sql-injection(43672)

CONFIRM - http://www.xerox.com/downloads/usa/en/c/cert_XRX08_008.pdf

BID - 30151

SECUNIA - 30978


Last Updated: 27 May 2016 10:48:05