Security Advisory

CVE-2019-3792

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-01 20:54:47

Last updated 2024-09-17 01:46:43

Assigner dell

State PUBLISHED

Description

Pivotal Concourse version 5.0.0, contains an API that is vulnerable to SQL injection. An Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data.

← Browse all CVEs View on cve.org ↗