Описание
A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 8.2_20170817 (исключая)
cpe:2.3:a:advantech:webaccess\/scada:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00135
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands.
EPSS
Процентиль: 33%
0.00135
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-89
CWE-89