8 matches found
CVE-2024-6456
AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...
CVE-2024-6456
AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...
CVE-2024-6456
CVE-2024-6456 describes a SQL Injection vulnerability in AVEVA Historian Server. Public sources in the connected documents indicate that an attacker could exploit the issue by enticing a user to open a specially crafted URL via the interactive Historian REST Interface, allowing the execution of S...
CVE-2024-6456 SQL Injection vulnerability in AVEVA Historian Server
AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...
CVE-2024-6456 SQL Injection vulnerability in AVEVA Historian Server
AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...
AVEVA Historian Web Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AVEVA Equipment : Historian Server Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to get read and write...
PT-2024-5850 · Aveva · Aveva Historian Server
Name of the Vulnerable Software and Affected Versions: AVEVA Historian Server affected versions not specified Description: The issue is related to the lack of protection against malicious SQL commands. If exploited, it could allow a remote attacker to execute arbitrary code under the privileges o...
ICSA-21-231-01_AVEVA SuiteLink Server
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Software, LLC Equipment: SuiteLink Server Vulnerabilities: Heap-based Buffer Overflow, Null Pointer Dereference, Improper Handling of Exceptional Conditions 2. RISK EVALUATION Successful...