A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicious SQL statements in an affected field in the web UI. A successful exploit could allow the attacker to remove the SQL database, which would require the reinstallation of the Connector VM.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-11-26T03:41:50.505968Z
Updated: 2024-09-16T19:04:49.518Z
Reserved: 2019-09-06T00:00:00
Link: CVE-2019-15995
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-11-26T04:15:12.247
Modified: 2019-12-09T20:41:51.320
Link: CVE-2019-15995
Redhat
No data.