An attacker could utilize SQL commands to create a new user MDT AutoSave versions prior to v6.02.06 and update the user’s permissions, granting the attacker the ability to login.
CPE | Name | Operator | Version |
---|---|---|---|
autosave | lt | 6.02.06 | |
autosave | ge | 7.00 | |
autosave | le | 7.04 | |
autosave_for_system_platform | lt | 4.01 | |
autosave_for_system_platform | eq | 5.00 |