Strix
26.1K

CVE-2004-2542

UnknownEPSS 1.35%

Last modified

CVE-2004-2542 is a vulnerability of currently unknown severity. Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases.. EPSS estimates a 1.35% chance of exploitation in the next 30 days.

Description

Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases.

Metrics

EPSS Probability
1.35%

67.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
DynixWebpacAll versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2004-2542?
Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases.
How severe is CVE-2004-2542?
Severity scoring for CVE-2004-2542 is pending analysis. The EPSS model estimates a 1.35% probability of exploitation in the next 30 days.
How do I fix CVE-2004-2542?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-2542?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST