PT-2022-18319 · National Instruments · G Web Development+4
Published
2022-04-21
·
Updated
2022-05-03
·
CVE-2022-27237
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SystemLink versions prior to 2021 R3
FlexLogger versions prior to 2022 Q2
LabVIEW versions prior to 2021 SP1
G Web Development versions prior to 2022 R1
Static Test Software Suite versions prior to 1.2
Description
There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with several NI products.
Recommendations
For SystemLink versions prior to 2021 R3, install SystemLink version 2021 R3 or later.
For FlexLogger versions prior to 2022 Q2, install FlexLogger 2022 Q2 or later.
For LabVIEW versions prior to 2021 SP1, install LabVIEW 2021 SP1.
For G Web Development versions prior to 2022 R1, install G Web Development 2022 R1 or later.
For Static Test Software Suite versions prior to 1.2, install Static Test Software Suite version 1.2 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Flexlogger
G Web Development
Labview
Static Test Software Suite
Systemlink