Advisory ID : LINA/ADE-2021-0001
Advisory ID : LINA/ADE-2021-0001
CVSSv3 Range : 8.4-9.8
Issue Date : 2021-12-03
Release Patch : 2021-12-03
CVE(s): N/A
Synopsis :
SQL Injection vulnerability exists in LINA in admin console via the login page
Product :
LINA / ADE admin console
Version :
From 5.0 to 5.2 of Lina
From 5.0 to 5.2 for ADE
Problem type :
https://cwe.mitre.org/data/definitions/89.html
Description :
Improper Neutralization of Special Elements used in an SQL Command in LINA version 5.0 to 5.2 on admin console allow attackers to obtain sensitive database information in order to get administration access.
Mitigations or workaround :
Install security update patch 5.2.2RC_B1695 or get the GA version Lina 5.3.0
Articles / Posts
- Tina 4.8 GA is available
- Lina 6.1 GA is available
- PowerShell for Lina 6.0
- Advisory ID : LINA/ADE-2023-0002
- Advisory ID : LINA/ADE-2023-0001
- Time Navigator 4.6.9 Hyper-V Software Alert
- Tina 4.7.1 GA is available !
- Miria install error on a Linux server without X11
- HSS Replication requires attention when upgrading to 5.x
- LINA Agents 5.3.4
Categories
- Lina – EN (21)
- Miria – EN (8)
- Tina – EN (18)
Archives
- July 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- October 2022
- September 2022
- July 2022
- December 2021
- November 2021
- October 2021
- July 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020