Home

CVE-2016-3675

Description

SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases.

Risk Information

Base Score
8.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.084

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2016-2405 ,CVE-2016-3675 are affected in policy_center_firmware v100r003c10NCM
Vulnerabilities CVE-2016-3675 are affected in policy_center_firmware v100r003c00NCM
Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability (CVE-2016-3675)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234