A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege.
References
Link | Resource |
---|---|
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03889en_us | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2018-09-27 18:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-7107
Mitre link : CVE-2018-7107
CVE.ORG link : CVE-2018-7107
JSON object : View
Products Affected
hpe
- device_entitlement_gateway
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')