CVE-2014-2948CVE-2014-2948

Affected configuration(s):

cpe:/a:bizagi:business_process_management_suite:10.0
cpe:/a:bizagi:business_process_management_suite:10.0.1
cpe:/a:bizagi:business_process_management_suite:10.1
cpe:/a:bizagi:business_process_management_suite:10.2
cpe:/a:bizagi:business_process_management_suite:10.3
cpe:/a:bizagi:business_process_management_suite:10.4

Date published: 2014-05-22T16:55:06.627-04:00

Date last modified: 2014-06-27T12:50:44.893-04:00

CVSS Score: 6.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.kb.cert.org/vuls/id/112412

Summary: SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite through 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.