Miggo Logo

CVE-2016-3072: Katello SQL Injection vulnerabilities

8.8

CVSS Score
3.0

Basic Information

EPSS Score
0.70846%
Published
5/14/2022
Updated
2/13/2023
KEV Status
No
Technology
TechnologyRuby

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
katellorubygems< 2.4.32.4.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

Multipl* SQL inj**tion vuln*r**iliti*s in t** s*op**_s**r** *un*tion in *pp/*ontroll*rs/k*t*llo/*pi/v*/*pi_*ontroll*r.r* in K*t*llo *llow r*mot* *ut**nti**t** us*rs to *x**ut* *r*itr*ry SQL *omm*n*s vi* t** (*) sort_*y or (*) sort_or**r p*r*m*t*r.

Reasoning

No *n*lysis *v*il**l*