Description
The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Advantech iView / iViewAll – 5_7_04_6469
References
- VENDOR_ADVISORYhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03