Lucene search
INCDCVELIST:CVE-2022-23169HistoryJun 13, 2022 - 4:13 p.m.
CVE-2022-23169 Amodat - Mobile Application Gateway SQL Injection (SQLi)
2022-06-1316:13:31
CWE-89
INCD
www.cve.org
amodat
mobile app
sql injection
cve-2022-23169
authentication
CVSS3
5.9
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
42.8%
attacker needs to craft a SQL payload. the vulnerable parameter is “agentid” must be authenticated to the admin panel.
CNA Affected
[
{
"product": "Amodat",
"vendor": "Amodat",
"versions": [
{
"lessThanOrEqual": "7.12.00.09",
"status": "affected",
"version": "7.12.00.08",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-23169
2022-06-13 17:15:09
nvd
nvd
CVE-2022-23169
2022-06-13 17:15:09
cnvd
cnvd
Amodat Mobile Application Gateway SQL Injection Vulnerability
2022-06-15 00:00:00
prion
prion
Design/Logic Flaw
2022-06-13 17:15:00
CVSS3
5.9
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
42.8%
Related for CVELIST:CVE-2022-23169