CVE-2010-4284

Samsung Data Management Server < 1.4.3 - SQL Injection via Authentication Form

Title source: llm
STIX 2.1

Description

SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

References (2)

Core 2
Core References
Patch, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/236668
Patch, US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-11-069-01.pdf

Scores

EPSS 0.0289
EPSS Percentile 86.5%

Details

CWE
CWE-89
Status published
Products (3)
samsung/data_management_server 1.3.3
samsung/data_management_server 1.4.1
samsung/data_management_server < 1.4.2
Published May 09, 2011
Tracked Since Feb 18, 2026