Security Advisory

CVE-2020-3973

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-08 13:46:28

Last updated 2024-08-04 07:52:20

Assigner vmware

State PUBLISHED

Description

The VeloCloud Orchestrator does not apply correct input validation which allows for blind SQL-injection. A malicious actor with tenant access to Velocloud Orchestrator could enter specially crafted SQL queries and obtain data to which they are not privileged.

← Browse all CVEs View on cve.org ↗