{"api_version":"1","generated_at":"2026-04-23T00:39:53+00:00","cve":"CVE-2015-1605","urls":{"html":"https://cve.report/CVE-2015-1605","api":"https://cve.report/api/cve/CVE-2015-1605.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2015-1605","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2015-1605"},"summary":{"title":"CVE-2015-1605","description":"Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) GetClientPackage.aspx or (2) GetProcessedPackage.aspx.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2015-02-24 15:59:00","updated_at":"2015-02-25 16:58:00"},"problem_types":["CWE-89"],"metrics":[],"references":[{"url":"http://www.zerodayinitiative.com/advisories/ZDI-15-048/","name":"http://www.zerodayinitiative.com/advisories/ZDI-15-048/","refsource":"MISC","tags":[],"title":"Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.zerodayinitiative.com/advisories/ZDI-15-049/","name":"http://www.zerodayinitiative.com/advisories/ZDI-15-049/","refsource":"MISC","tags":[],"title":"Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/72697","name":"72697","refsource":"BID","tags":[],"title":"Dell Asset Manager CVE-2015-1605 Multiple SQL Injection Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2015-1605","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1605","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2015","cve_id":"1605","vulnerable":"1","versionEndIncluding":"9.0.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"asset_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2015-1605","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) GetClientPackage.aspx or (2) GetProcessedPackage.aspx."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.zerodayinitiative.com/advisories/ZDI-15-049/","refsource":"MISC","url":"http://www.zerodayinitiative.com/advisories/ZDI-15-049/"},{"name":"72697","refsource":"BID","url":"http://www.securityfocus.com/bid/72697"},{"name":"http://www.zerodayinitiative.com/advisories/ZDI-15-048/","refsource":"MISC","url":"http://www.zerodayinitiative.com/advisories/ZDI-15-048/"}]}},"nvd":{"publishedDate":"2015-02-24 15:59:00","lastModifiedDate":"2015-02-25 16:58:00","problem_types":["CWE-89"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:asset_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"9.0.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2015","CveId":"1605","Ordinal":"78500","Title":"CVE-2015-1605","CVE":"CVE-2015-1605","Year":"2015"},"notes":[{"CveYear":"2015","CveId":"1605","Ordinal":"1","NoteData":"Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) GetClientPackage.aspx or (2) GetProcessedPackage.aspx.","Type":"Description","Title":null},{"CveYear":"2015","CveId":"1605","Ordinal":"2","NoteData":"2015-02-24","Type":"Other","Title":"Published"},{"CveYear":"2015","CveId":"1605","Ordinal":"3","NoteData":"2015-02-24","Type":"Other","Title":"Modified"}]}}}