CVE-2018-7107

A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hpe:device_entitlement_gateway:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:hpe:device_entitlement_gateway:3.3:*:*:*:*:*:*:*
cpe:2.3:a:hpe:device_entitlement_gateway:3.3.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-09-27 18:29

Updated : 2024-02-28 16:48


NVD link : CVE-2018-7107

Mitre link : CVE-2018-7107

CVE.ORG link : CVE-2018-7107


JSON object : View

Products Affected

hpe

  • device_entitlement_gateway
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')