A CWE-89: Improper Neutralization of Special Elements used in SQL Command (‘SQL Injection’) vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2022-11-04T00:00:00

Updated: 2024-08-03T12:49:43.620Z

Reserved: 2022-09-27T00:00:00

Link: CVE-2022-41671

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-11-04T15:15:10.353

Modified: 2024-11-21T07:23:36.693

Link: CVE-2022-41671

cve-icon Redhat

No data.