Cevas · Cevas · CVE-2021-36206
**Name of the Vulnerable Software and Affected Versions**
CEVAS versions prior to 1.01.46
**Description**
The issue concerns insufficient validation of user-controllable input, which could allow a user to bypass authentication and retrieve data using specially crafted SQL queries.
**Recommendations**
For versions prior to 1.01.46, update to version 1.01.46 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and implementing additional validation measures for user input to minimize the risk of exploitation.