The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user’s accounts and devices.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2022-05-17T20:18:28.888642Z
Updated: 2024-09-17T04:28:47.742Z
Reserved: 2022-04-14T00:00:00
Link: CVE-2022-1361
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-05-17T21:15:08.157
Modified: 2024-11-21T06:40:34.417
Link: CVE-2022-1361
Redhat
No data.