Lucene search
HistoryJul 22, 2022 - 3:15 p.m.
CVE-2022-2136
cve-2022-2136
sql injections
low privilege
unauthorized disclosure
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.4 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
77.8%
The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.
Affected configurations
Node
advantechiviewRange<5.7.04.6469
| CPE | Name | Operator | Version |
|---|---|---|---|
| advantech:iview | advantech iview | lt | 5.7.04.6469 |
CNA Affected
[
{
"product": "iView",
"vendor": "Advantech iView",
"versions": [
{
"lessThan": "5_7_04_6469",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
]Social References
More
Related
zdi
zdi
prion
prion
Sql injection
2022-07-22 15:15:00
checkpoint_advisories
checkpoint_advisories
Advantech iView SQL Injection (CVE-2022-2136)
2022-10-31 00:00:00
nvd
nvd
CVE-2022-2136
2022-07-22 15:15:08
cnvd
cnvd
Advantech iView SQL Injection Vulnerability (CNVD-2023-16473)
2022-07-04 00:00:00
cvelist
cvelist
CVE-2022-2136 Advantech iView
2022-06-28 00:00:00
ics
ics
Advantech iView
2022-06-28 12:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.4 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
77.8%
Related for CVE-2022-2136