Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-3973 | 2 Linux, Vmware | 2 Linux Kernel, Velocloud Orchestrator | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
The VeloCloud Orchestrator does not apply correct input validation which allows for blind SQL-injection. A malicious actor with tenant access to Velocloud Orchestrator could enter specially crafted SQL queries and obtain data to which they are not privileged. |