Description
A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | Desigo Insight | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2020-7775 | A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some query parameters in a reserved area. This could allow an authenticated attacker to retrieve data via a content-based blind SQL injection attack. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published:
Updated: 2024-08-04T13:22:30.868Z
Reserved: 2020-07-15T00:00:00.000Z
Link: CVE-2020-15792
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-10-15T19:15:12.767
Modified: 2024-11-21T05:06:11.397
Link: CVE-2020-15792
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses