Lucene search
HistoryFeb 21, 2012 - 1:31 p.m.
CVE-2012-1234
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.002
Percentile
53.4%
SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234.
Affected configurations
Node
advantechadvantech_webaccessRange≤6.0
ORadvantechadvantech_webaccessMatch5.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| advantech | advantech_webaccess | * | cpe:2.3:a:advantech:advantech_webaccess:*:*:*:*:*:*:*:* |
| advantech | advantech_webaccess | 5.0 | cpe:2.3:a:advantech:advantech_webaccess:5.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-1234
2012-02-21 11:00:00
CVE-2012-0234
2012-02-21 11:00:00
cve
cve
CVE-2012-1234
2012-02-21 13:31:57
CVE-2012-0234
2012-02-21 13:31:56
prion
prion
Sql injection
2012-02-21 13:31:00
Sql injection
2012-02-21 13:31:00
nvd
nvd
CVE-2012-0234
2012-02-21 13:31:56
nessus
nessus
Advantech WebAccess < 7.0-2009.06.29 Multiple Vulnerabilities
2017-02-14 00:00:00
Advantech WebAccess < 7.0-2009.06.29 Multiple Vulnerabilities
2015-08-28 00:00:00
ics
ics
Advantech WebAccess Vulnerabilities (UPDATE A)
2018-08-27 12:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.002
Percentile
53.4%
Related for NVD:CVE-2012-1234