CVE-2010-1904
RSA Key Manager 1.5.x SQL Injection
Severity Score
6.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data.
Una vulnerabilidad de inyección SQL en EMC RSA Key Manager Client v1.5.x permite ejecutar comandos SQL a atacantes remotos ayudados por un usuario local a través de la sección metadata de los datos de una clave cifrada.
RSA Key Manager version 1.5.x suffers from a remote SQL injection vulnerability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-05-11 CVE Reserved
- 2010-06-04 CVE Published
- 2023-12-17 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/bugtraq/2011/Jan/138 | Mailing List |
|
| http://secunia.com/advisories/43057 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/511654/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/40553 | Vdb Entry | |
| http://www.securitytracker.com/id?1024059 | Vdb Entry | |
| http://www.securitytracker.com/id?1024989 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2011/0206 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/59133 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0078.html | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Rsa Key Manager Client Search vendor "Emc" for product "Rsa Key Manager Client" | 1.5.0 Search vendor "Emc" for product "Rsa Key Manager Client" and version "1.5.0" | - |
Affected
| ||||||