| |
Vulnerability CVE-2022-1361
Published: 2022-05-17
| Description: |
The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user??s accounts and devices. |
Type:
CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
References: |
https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
