CVE-2011-1343

SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters."
SQL Injection
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
ibmtivoli_netcool\/omnibus
𝑥
≤ 7.2.1.10
ibmtivoli_netcool\/omnibus
7.1.0.0
ibmtivoli_netcool\/omnibus
7.1.0.11
ibmtivoli_netcool\/omnibus
7.1.0.12
ibmtivoli_netcool\/omnibus
7.1.0.13
ibmtivoli_netcool\/omnibus
7.2.0.0
ibmtivoli_netcool\/omnibus
7.2.0.7
ibmtivoli_netcool\/omnibus
7.2.0.8
ibmtivoli_netcool\/omnibus
7.2.0.9
ibmtivoli_netcool\/omnibus
7.2.0.10
ibmtivoli_netcool\/omnibus
7.2.1.0
ibmtivoli_netcool\/omnibus
7.2.1.5
ibmtivoli_netcool\/omnibus
7.2.1.6
ibmtivoli_netcool\/omnibus
7.2.1.7
ibmtivoli_netcool\/omnibus
7.2.1.8
ibmtivoli_netcool\/omnibus
7.2.1.9
ibmtivoli_netcool\/omnibus
7.3.0.0
ibmtivoli_netcool\/omnibus
7.3.0.1
ibmtivoli_netcool\/omnibus
7.3.0.2
ibmtivoli_netcool\/omnibus
7.3.0.3
𝑥
= Vulnerable software versions