CVE-2022-41773 - CERT CVE
ID CVE-2022-41773
Sažetak The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckDIACloud. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.
Reference
CVSS
Base: 8.8
Impact: 5.9
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW -
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 28-10-2022 - 18:32
Objavljeno 27-10-2022 - 21:15