Unrated severityNVD Advisory· Published Mar 29, 2014· Updated May 6, 2026
CVE-2014-1645
CVE-2014-1645
Description
SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Affected products
9cpe:2.3:a:symantec:liveupdate_administrator:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:symantec:liveupdate_administrator:*:*:*:*:*:*:*:*range: <=2.3.2
- cpe:2.3:a:symantec:liveupdate_administrator:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:liveupdate_administrator:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:liveupdate_administrator:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:liveupdate_administrator:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:liveupdate_administrator:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:liveupdate_administrator:2.2.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:liveupdate_administrator:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:liveupdate_administrator:2.3.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.symantec.com/security_response/securityupdates/detail.jspnvdPatchVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2014-03/0172.htmlnvd
- www.securityfocus.com/bid/66400nvd
- www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140328-0_Symantec_LiveUpdate_Administrator_Multiple_vulnerabilities_wo_poc_v10.txtnvd
News mentions
0No linked articles in our index yet.