Vulnerability Details : CVE-2018-1252
RSA Web Threat Detection versions prior to 6.4 contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end database to gain unauthorized access to the tool's monitoring and user information by supplying specially crafted input data to the affected application.
Vulnerability category: SQL Injection; Bypass
Products affected by CVE-2018-1252
- cpe:2.3:a:rsa:web_threat_detection:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-1252
- EPSS score: 0.92% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~75% (the proportion of vulnerabilities that are scored at or below this score)
CVSS scores for CVE-2018-1252
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P | 8.0 | 6.4 | NIST |
8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST |
CWE ids for CVE-2018-1252
- The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-1252
- http://www.securityfocus.com/bid/104396 (EMC RSA Web Threat Detection CVE-2018-1252 SQL Injection Vulnerability; Third Party Advisory; VDB Entry)
- http://www.securitytracker.com/id/1041026 (RSA Web Threat Detection Input Validation Flaw in Administration and Forensics Applications Lets Remote Authenticated Users Inject SQL Commands - SecurityTracker; Third Party Advisory; VDB Entry)
- http://seclists.org/fulldisclosure/2018/Jun/4 (Full Disclosure: DSA-2018-085: RSA Web Threat Detection SQL Injection Vulnerability; Mailing List; Third Party Advisory)