CVE-2017-12731

Name of the Vulnerable Software and Affected Versions OPW Fuel Management Systems SiteSentinel Integra 100 versions older than V175 OPW Fuel Management Systems SiteSentinel Integra 100 versions V175 through V189 OPW Fuel Management Systems SiteSentinel Integra 100 versions V191 through V195 OPW Fuel Management Systems SiteSentinel Integra 500 versions older than V175 OPW Fuel Management Systems SiteSentinel Integra 500 versions V175 through V189 OPW Fuel Management Systems SiteSentinel Integra 500 versions V191 through V195 OPW Fuel Management Systems SiteSentinel iSite ATG versions older than V175 OPW Fuel Management Systems SiteSentinel iSite ATG versions V175 through V189 OPW Fuel Management Systems SiteSentinel iSite ATG versions V191 through V195 OPW Fuel Management Systems SiteSentinel iSite ATG version V16Q3.1

Description A SQL Injection issue was discovered in the mentioned OPW Fuel Management Systems consoles. The application is vulnerable to injection of malicious SQL queries via the input from the client.

Recommendations For versions older than V175, update to a version newer than V175. For versions V175 through V189, update to a version newer than V189. For versions V191 through V195, update to a version newer than V195. For version V16Q3.1, update to a version newer than V16Q3.1. As a temporary workaround, consider validating and sanitizing all client input to prevent malicious SQL queries.