Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Susestudio\-Ui\-Server
(Suse)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-01-27 | CVE-2017-14806 | A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version 1.3.17-56.6.3 and prior versions. | Studio_onsite, Susestudio\-Ui\-Server | 5.9 | ||
| 2020-01-27 | CVE-2017-14807 | An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. This issue affects: SUSE Studio onsite susestudio-ui-server version 1.3.17-56.6.3 and prior versions. | Studio_onsite, Susestudio\-Ui\-Server | 8.1 |