Vulnerability Description
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available.
CVSS Score
7.5
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Personify | Personify360 E-Business | <= 7.6.1 |
Related Weaknesses (CWE)
References
- https://amswoes.wordpress.com/2017/06/06/cve-2017-7314-dump-personify-database-sExploitThird Party Advisory
- https://amswoes.wordpress.com/2017/06/06/cve-2017-7314-dump-personify-database-sExploitThird Party Advisory
FAQ
What is CVE-2017-7314?
CVE-2017-7314 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available.
How severe is CVE-2017-7314?
CVE-2017-7314 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-7314?
Check the references section above for vendor advisories and patch information. Affected products include: Personify Personify360 E-Business.