Vulnerabilities > Fireeye > Email Malware Protection System > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-01 | CVE-2021-28970 | SQL Injection vulnerability in Fireeye Email Malware Protection System 9.0.1.923211 eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the job_id parameter to the email search feature. | 6.5 |
2021-04-01 | CVE-2021-28969 | SQL Injection vulnerability in Fireeye Email Malware Protection System 9.0.1.923211 eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort_by parameter to the email search feature. | 6.5 |
2020-10-26 | CVE-2020-25034 | SQL Injection vulnerability in Fireeye Email Malware Protection System 8.4.3.908134 eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sort_by, search{URL], or search[attachment] parameter to the email search feature. | 6.5 |