Home › Forums › Lina forums – EN › Lina : Troubleshooting & Security › Advisory ID : LINA/ADE-2021-0001
- This topic is empty.
Viewing 0 reply threads
-
AuthorPosts
-
-
10 December 2021 at 21 h 40 min #11000
Advisory ID : LINA/ADE-2021-0001
CVSSv3 Range : 8.4-9.8
Issue Date : 2021-12-03
Release Patch : 2021-12-03
CVE(s): N/A
Synopsis :
SQL Injection vulnerability exists in LINA in admin console via the login page
Product :
LINA / ADE admin console
Version :
From 5.0 to 5.2 of Lina
From 5.0 to 5.2 for ADE
Problem type :
https://cwe.mitre.org/data/definitions/89.html
Description :
Improper Neutralization of Special Elements used in an SQL Command in LINA version 5.0 to 5.2 on admin console allow attackers to obtain sensitive database information in order to get administration access.
Mitigations or workaround :
Install security update patch 5.2.2RC_B1695 or get the GA version Lina 5.3.0
-
-
AuthorPosts
Viewing 0 reply threads
- You must be logged in to reply to this topic.
Sujets / Topics
- How to generate an AER in MIRIA or ADA
- Lina is not impacted by the SpringShell vulnerability CVE-2022-22965
- Tina is not impacted by the SpringShell vulnerability CVE-2022-22965
- Miria is not impacted by the SpringShell vulnerability CVE-2022-22965
- New Tech Paper on M365
- Advisory ID : MIRIA-2022-0001
- Do not use macOS UI 3.14 !
- Miria is not impacted by vulnerability CVE-2021-40438
- How to use REST API in Miria 3.14.0.10+
- How Tina backups Windows VMs on VMware