Detections
Analytics

CVE-2010-0147

high

Description

SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/56346

http://www.vupen.com/english/advisories/2010/0416

http://www.securitytracker.com/id?1023606

http://www.securityfocus.com/bid/38272

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml

http://secunia.com/advisories/38619

http://osvdb.org/62444

Details

Source: Mitre, NVD

Published: 2010-02-23

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High