CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/idcos/Cloudboot/issues/22 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-30T12:35:39
Updated: 2024-08-05T01:24:48.607Z
Reserved: 2019-09-30T00:00:00
Link: CVE-2019-16999
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-30T13:15:11.277
Modified: 2024-11-21T04:31:30.780
Link: CVE-2019-16999
Redhat
No data.