CVE-2019-7484
published 2019-12-19CVE-2019-7484: Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability…
PriorityP338medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.84%
53.4th percentile
Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sma | — | — |
| sonicwall | sma100 | — | — |
| sonicwall | sma_100_firmware | <= 9.0.0.3 | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-w9gv-xc92-5q49: Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script
ghsa_unreviewed·2022-05-24
CVE-2019-7484 [MEDIUM] GHSA-w9gv-xc92-5q49: Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script
Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.
Red Hat
postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table
vendor_redhat·2025-08-14·CVSS 7.5
CVE-2025-8713 [HIGH] CWE-1230 postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table
postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user could craft a leaky operator that bypassed view access control lists (ACLs) and bypassed row security policies in partitioning or table inheritance hierarchies. Reachable statistics data notably included histograms and most-common-values lists. CVE-2017-7484 and CVE-2019-10130 intended to close this class of
SonicWall
CVE-2019-7484: Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulner
vendor_sonicwall·2019-12-19·CVSS 6.5
CVE-2019-7484 [MEDIUM] CWE-89 CVE-2019-7484: Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulner
CVE-2019-7484: Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-12-19
Published