CVE-2019-16999

CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI.
References
Link Resource
https://github.com/idcos/Cloudboot/issues/22 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:idcos:cloudboot:*:*:*:*:*:*:*:*

Information

Published : 2019-09-30 01:15

Updated : 2019-10-02 06:06


NVD link : CVE-2019-16999

Mitre link : CVE-2019-16999

Products Affected
No products.
CWE