CVE-2017-3899
CVE-2017-3899
In short
A flaw in Intel Security Advanced Threat Defense allows authenticated users to inject malicious SQL code through a web request, potentially exposing sensitive product information.
Technical detail
SQL injection vulnerability in ATD Linux 3.6.0 and earlier exists in HTTP request parameter handling. An authenticated attacker can craft malicious SQL queries to extract product data from the backend database without proper input sanitization.
Summary generated and translated by AI from the official description.
SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
Affected products
Intel · Advanced Threat Defense (ATD)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →