| |
Podatność CVE-2022-1361
Publikacja: 2022-05-17
Opis: |
The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user??s accounts and devices. |
Typ:
CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
Referencje: |
https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04
|
|
|
Copyright 2024, cxsecurity.com
|
|
|