Rewterz Threat Alert – Latest Trickbot IOCs
August 7, 2020Rewterz Threat Advisory – CVE-2020-3472 – Cisco Webex Meetings User Email Address Information Disclosure Vulnerability
August 7, 2020Rewterz Threat Alert – Latest Trickbot IOCs
August 7, 2020Rewterz Threat Advisory – CVE-2020-3472 – Cisco Webex Meetings User Email Address Information Disclosure Vulnerability
August 7, 2020Severity
Medium
Analysis Summary
Apache SkyWalking is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the wildcard query cases, which could allow the attacker to view, add, modify or delete information in the back-end database.
Impact
Data Manipulation
Affected Vendors
Apache
Affected Products
- Apache SkyWalking 6.6.0
- Apache SkyWalking 7.0.0
- Apache SkyWalking 8.0.0
- Apache SkyWalking 8.0.1
- Apache SkyWalking 6.5.0
Remediation
Refer to SkyWalking GIT Repository for patch, upgrade or suggested workaround information.