Home Forums Lina forums – EN Lina : Troubleshooting & Security Advisory ID : LINA/ADE-2021-0001

Tagged: ,

  • This topic is empty.
Viewing 0 reply threads
  • Author
    Posts
    • #11000
      Marc VerheyenMarc Verheyen
      Keymaster

        Advisory ID : LINA/ADE-2021-0001

        CVSSv3 Range :  8.4-9.8

        Issue Date : 2021-12-03

        Release Patch : 2021-12-03

        CVE(s): N/A

        Synopsis :

        SQL Injection vulnerability exists in LINA in admin console via the login page

        Product :

        LINA / ADE admin console

        Version :

        From 5.0 to 5.2 of Lina

        From 5.0 to 5.2 for ADE

        Problem type :

        https://cwe.mitre.org/data/definitions/89.html

        Description :

        Improper Neutralization of Special Elements used in an SQL Command in LINA version 5.0 to 5.2 on admin console allow attackers to obtain sensitive database information in order to get administration access.

        Mitigations or workaround :

        Install security update  patch 5.2.2RC_B1695  or get the GA  version Lina 5.3.0

         

         

        Spread the love
    Viewing 0 reply threads
    • You must be logged in to reply to this topic.