CVE-2019-15016 Vulnerability Details

  /     /     /  

CVE-2019-15016 Metadata Quick Info

CVE Published: 09/10/2019 | CVE Updated: 05/08/2024 | CVE Year: 2019
Source: palo_alto | Vendor: n/a | Product: Palo Alto Networks Zingbox Inspector
Status : PUBLISHED

---

CVE-2019-15016 Description

An SQL injection vulnerability exists in the management interface of Zingbox Inspector versions 1.288 and earlier, that allows for unsanitized data provided by an authenticated user to be passed from the web UI into the database.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: SQL Injection
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).