Description
The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected products
- Advantech iView / iViewAll – 5_7_04_6469
References
- VENDOR_ADVISORYhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03