SUSE Susestudio-ui-server 1.3.17-56.6.3

CPE Details

SUSE Susestudio-ui-server 1.3.17-56.6.3
1.3.17-56.6.3
2020-02-05
15h45 +00:00
2020-02-05
15h45 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:suse:susestudio-ui-server:1.3.17-56.6.3:*:*:*:*:*:*:*

Informations

Vendor

suse

Product

susestudio-ui-server

Version

1.3.17-56.6.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-14807 2020-01-27 09h45 +00:00 An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. This issue affects: SUSE Studio onsite susestudio-ui-server version 1.3.17-56.6.3 and prior versions.
8.1
High
CVE-2017-14806 2020-01-27 09h45 +00:00 A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version 1.3.17-56.6.3 and prior versions.
5.9
Medium