eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sort_by, search{URL], or search[attachment] parameter to the email search feature.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NFireeye Email Malware Protection System
APPFireeye< 9.0.1Fireeye Ex 3500
HWFireeyewszystkie wersje
Related vulnerabilities
Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Exploitation of this vulnerability allows ...
eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attack...
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to co...
Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnera...
XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker ...