CVE-2016-9994
N/A
N/A
Summary
IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM Reference #: 1976805.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM Corporation | Kenexa LCMS Premier on Cloud | unspecified | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 9.0 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 9.1 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 9.2 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 9.2.1 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 9.3.0 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 9.4.0 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 9.5.0 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 10.0.0 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 10.1.0 | affected |
| IBM Corporation | Kenexa LCMS Premier on Cloud | 10.2.0 | affected |
Weaknesses
- Data Manipulation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.