CVE-2016-4999 vulnerability in Red Hat Products
Published on August 5, 2016

SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI.

Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2016-4999

Want to know whenever a new CVE is published for Red Hat products? stack.watch will email you.

Red Hat Dashbuilder

Red Hat Jboss Bpm Suite

Red Hat Jboss Enterprise Brms Platform

Exploit Probability

EPSS

6.97%

Percentile

91.27%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2016-4999 vulnerability in Red Hat ProductsPublished on August 5, 2016

Products Associated with CVE-2016-4999

Exploit Probability

CVE-2016-4999 vulnerability in Red Hat Products
Published on August 5, 2016