A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command ('SQL Injection') vulnerability exists that could allow a user already authenticated on DCE to access unauthorized content, change, or delete content, or perform unauthorized actions when tampering with the alert settings of endpoints on DCE.
History

Thu, 07 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2023-07-12T06:22:46.848Z

Updated: 2024-11-07T14:46:44.245Z

Reserved: 2023-06-28T14:14:13.863Z

Link: CVE-2023-37196

cve-icon Vulnrichment

Updated: 2024-08-02T17:09:32.952Z

cve-icon NVD

Status : Modified

Published: 2023-07-12T07:15:10.377

Modified: 2024-11-21T08:11:10.310

Link: CVE-2023-37196

cve-icon Redhat

No data.