CVE-2019-12193

H3C H3Cloud OS all versions allows SQL injection via the ear/grid_event sidx parameter.

Published : 2019-07-19 16:15 Updated : 2019-07-29 13:46

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
H3c H3cloud Os cpe:/o:h3c:h3cloud_os
  1. H3c (1) Search CVE
    1. H3cloud Os (1) Search CVE

CWE

ID Name Description Links
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. CVE

History of changes

Date Event
2019-07-29 13:46
2019-07-19 17:59

New CVE