6.5
CVSSv3

CVE-2020-25034

Published: 26/10/2020 Updated: 30/10/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

FireEye EX 3500 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to the email search feature using the sort, sort_by, search{URL], or search[attachment] parameter, which could allow the malicious user to view, add, modify or delete information in the back-end database.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

fireeye email_malware_protection_system