PT-2022-10159 · Unknown · Mdt Autosave

Amir Preminger

Published

2022-04-01

Updated

2022-04-11

CVE-2021-32953

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MDT AutoSave versions prior to v6.02.06

Description An attacker could utilize SQL commands to create a new user and update the user’s permissions, granting the attacker the ability to login.

Recommendations For versions prior to v6.02.06, update to version v6.02.06 or later to resolve the issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2021-32953

Affected Products

Mdt Autosave

PT-2022-10159 · Unknown · Mdt Autosave

CVE-2021-32953

Weakness Enumeration

Related Identifiers

Affected Products

References · 3