All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jci
Published: 2022-10-28T01:17:27.885976Z
Updated: 2024-09-17T03:13:44.088Z
Reserved: 2021-07-06T00:00:00
Link: CVE-2021-36206
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-10-28T02:15:16.730
Modified: 2022-11-01T15:41:37.277
Link: CVE-2021-36206
Redhat
No data.