CVE-2010-4284: SQL Injection
First published: Mon May 09 2011(Updated: )
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Data Management Server | <=1.4.2 | |
| Samsung Data Management Server | =1.3.3 | |
| Samsung Data Management Server | =1.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-4284?
CVE-2010-4284 is classified as a medium severity SQL injection vulnerability.
How do I fix CVE-2010-4284?
To fix CVE-2010-4284, upgrade the Samsung Data Management Server to version 1.4.3 or later.
What versions are affected by CVE-2010-4284?
CVE-2010-4284 affects Samsung Data Management Server versions prior to 1.4.3, including 1.3.3 and 1.4.1.
What type of vulnerability is CVE-2010-4284?
CVE-2010-4284 is an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands.
Can CVE-2010-4284 be exploited remotely?
Yes, CVE-2010-4284 can be exploited remotely since it targets the integrated web server of the Data Management Server.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/softwarecombine
- agent/remedy
- agent/type
- agent/weakness
- agent/author
- agent/severity
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- vendor/samsung
- canonical/samsung data management server
- version/samsung data management server/1.4.2
- version/samsung data management server/1.3.3
- version/samsung data management server/1.4.1