Lucene search
PRIOn knowledge basePRION:CVE-2023-2567HistorySep 19, 2023 - 11:16 a.m.
Sql injection
2023-09-1911:16:00
PRIOn knowledge base
www.prio-n.com
4
vulnerability
input validation
authenticated attacker
arbitrary sql queries
dbms
web application
uncontrolled information extraction
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application.
Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way.
References
Related
cvelist
cvelist
cve
cve
CVE-2023-2567
2023-09-19 11:16:19
nvd
nvd
CVE-2023-2567
2023-09-19 11:16:19
ics
ics
Siemens RUGGEDCOM APE1808 Devices
2023-11-16 12:00:00