RSS   Podatności dla
'Intelligent workload distribution manager'
   RSS

2021-12-08
 
CVE-2021-40860

CWE-89
 

 
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine.

 
 
CVE-2021-40861

CWE-89
 

 
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine.

 

 >>> Vendor: Genesys 2 Produkty
Intelligent workload distribution manager
Workforce management


Copyright 2024, cxsecurity.com

 

Back to Top