Lucene search
China National Vulnerability DatabaseCNVD-2023-17660HistoryMar 16, 2023 - 12:00 a.m.
Siemens RUGGEDCOM CROSSBOW SQL Injection Vulnerability
2023-03-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
siemens
ruggedcom crossbow
sql injection
vulnerability
access management
nerc cip
audit logs
exploited
attackers
database
0.001 Low
EPSS
Percentile
36.9%
RUGGEDCOM CROSSBOW is a secure access management solution designed to provide NERC CIP-compliant access to intelligent electronic devices.A SQL injection vulnerability exists in Siemens RUGGEDCOM CROSSBOW, which stems from the fact that the audit logs of affected applications are vulnerable to SQL injection attacks, which can be exploited by attackers to server database to execute arbitrary SQL queries.
| CPE | Name | Operator | Version |
|---|---|---|---|
| siemens ruggedcom crossbow | lt | 5.3 |
Related
cvelist
cvelist
CVE-2023-27463
2023-03-14 09:32:09
cve
cve
CVE-2023-27463
2023-03-14 10:15:29
prion
prion
Sql injection
2023-03-14 10:15:00
nvd
nvd
CVE-2023-27463
2023-03-14 10:15:29
ics
ics
Siemens RUGGEDCOM CROSSBOW V5.3
2023-03-16 12:00:00