What is CVE-2016-8341?

CVE-2016-8341 is a critical-severity vulnerability in Ecava Integraxor, classified under SQL Injection. CVSS score: 9.8/10. Published 2017-02-13.

How severe is CVE-2016-8341?

Critical severity. CVSS v3 base score is 9.8 out of 10.

SQL Injection in Ecava Integraxor

CVE-2016-8341

An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and…

Vulnerability class: SQL Injection

EPSS: 0.003 (51.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Ecava Integraxor — versions 5.0.413.0
N/a Ecava Integraxor 5.0.413.0 — versions Ecava IntegraXor 5.0.413.0

Weakness classification (CWE)

CWE-89 — SQL Injection

References

ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC, Mitigation)

Frequently asked questions

What is CVE-2016-8341?: CVE-2016-8341 is a critical-severity vulnerability in Ecava Integraxor, classified under SQL Injection. CVSS score: 9.8/10. Published 2017-02-13.
How severe is CVE-2016-8341?: Critical severity. CVSS v3 base score is 9.8 out of 10.