CVE-2017-7681 Vulnerability Details

  /     /     /  

CVE-2017-7681 Metadata Quick Info

CVE Published: 14/07/2017 | CVE Updated: 16/09/2024 | CVE Year: 2017
Source: apache | Vendor: Apache Software Foundation | Product: Apache OpenMeetings
Status : PUBLISHED

---

CVE-2017-7681 Description

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: SQL injection
Source: Apache Software Foundation

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).