Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1455

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-1455
Last Modified 13 Aug 2015 01:56:53
Published 10 Apr 2014 04:29:20
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-1455

Summary

SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to execute arbitrary SQL commands via the new password.

Vulnerable Systems

Application

  • Pearson Esis Enterprise Student Information System 3.3.0.13


References

BUGTRAQ - 20140406 Pearson eSIS Enterprise Student Information System SQL Injection

BID - 66689


Last Updated: 27 May 2016 11:04:54