![]() ![]() Identifier to a new value that contains a quote character and a fragment of An attack consists of logging in using the account and modifying an The account must be onĪ database which is configured to replicate data to one or more remote MySQLĭatabases. To modify user-supplied identifiers, such as table names. AttackĪn attacker requires an account on the target MySQL database with the privilege Of user-supplied data as it is replicated to remote MySQL Server instances. The vulnerability occurs due to insufficient validation A successful attack could allow any data in the remote MySQL database User to inject SQL code that runs with high privileges on a remote MySQL Serverĭatabase. MySQL Stored SQL Injection (CVE-2013-0375) VulnerabilityĪ vulnerability in the MySQL Server database could allow a remote, authenticated Important Note: The scoring models assume target systems are employing the Information from additional sources was also used when more details were National Vulnerability Database (NVD) at. Metric values differ from their CVSS version 3.0 counterparts are alsoĭetails of the vulnerabilities and attacks were sourced primarily from the Scoring differences between the two standards. CVSS version 2.0 scores are provided to show A summary of each vulnerability is provided, along This document demonstrates how to apply the CVSS version 3.1 standard to score Reference implementation of the CVSS v3.1 equations available at. Includes examples of CVSS v3.1 scoring in practice. Includes further discussion of CVSS v3.1, a scoring rubric, and a glossary. Includes metric descriptions, formulas, and vector string. Resources & Linksīelow are useful references to additional CVSS v3.1 documents. If you wish to use a specific version of the Examples document, use:Ĭommon Vulnerability Scoring System v3.1: ExamplesĪlso available in PDF format (533KiB). It is currently CVSS version 3.1, released in June 2019. This page updates with each release of the CVSS standard. Common Vulnerability Scoring System version 3.1: Specification Document CVSS Version 3.1 Release
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |