CVE-2010-4284

SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
Link Resource
http://www.kb.cert.org/vuls/id/236668 Patch US Government Resource
http://www.us-cert.gov/control_systems/pdf/ICSA-11-069-01.pdf Patch US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:samsung:data_management_server:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:samsung:data_management_server:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:samsung:data_management_server:*:*:*:*:*:*:*:*

Information

Published : 2011-05-09 15:55

Updated : 2011-05-26 21:00


NVD link : CVE-2010-4284

Mitre link : CVE-2010-4284


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

samsung

  • data_management_server