Suse Susestudio-Ui-Server vulnerabilities
2 known vulnerabilities affecting suse/susestudio-ui-server.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2017-14807HIGHCVSS 8.1≤ 1.3.17-56.6.32020-01-27
CVE-2017-14807 [HIGH] CWE-89 CVE-2017-14807: An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerabilit
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. This issue affects: SUSE Studio onsite susestudio-ui-server version 1.3.17-
nvd
CVE-2017-14806MEDIUMCVSS 5.9≤ 1.3.17-56.6.32020-01-27
CVE-2017-14806 [LOW] CWE-295 CVE-2017-14806: A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows re
A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version 1.3.17-56.6.3 and prior versions.
nvd