← back
CVE-2018-1756

CVE-2018-1756

CVSS 7.5 HIGHEPSS 10.6%
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.
CVSS:3.0/A:N/AC:L/AV:N/C:H/I:N/PR:N/S:U/UI:N/E:U/RC:C/RL:O
Affected products
IBM · Security Identity Governance and Intelligence
public PoCs found2
cve_referencewww.exploit-db.com/exploits/45392/unverifiedexploitdbwww.exploit-db.com/exploits/45392unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/148599https://www.exploit-db.com/exploits/45392/http://www.ibm.com/support/docview.wss?uid=ibm10728883