CVE-2023-2080: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG)...

8.5 CVSS

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud allows Blind SQL Injection.

Classification

CVE ID: CVE-2023-2080

CVSS Base Severity: HIGH

CVSS Base Score: 8.5

Affected Products

Vendor: Forcepoint

Product: Cloud Security Gateway (CSG)

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.14% (probability of being exploited)

EPSS Percentile: 50.94% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://support.forcepoint.com/s/article/000041871

Timeline

2024-12-12 00:30:30 UTC
CVE

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG)...