PT-2022-6140 · Advantech · Advantech Iview

Rgod

Published

2022-06-30

Updated

2022-07-28

CVE-2022-2135

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Advantech iView (affected versions not specified)

Description The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. This issue is related to the lack of protection measures for the SQL query structure. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

BDU:2023-00156

CVE-2022-2135

ZDI-22-880

ZDI-22-881

ZDI-22-882

ZDI-22-883

ZDI-22-884

ZDI-22-885

ZDI-22-886

ZDI-22-887

ZDI-22-888

ZDI-22-889

ZDI-22-890

ZDI-22-891

ZDI-22-892

ZDI-22-893

ZDI-22-894

ZDI-22-895

ZDI-22-896

ZDI-22-897

ZDI-22-898

ZDI-22-899

ZDI-22-900

ZDI-22-901

ZDI-22-902

ZDI-22-903

ZDI-22-904

ZDI-22-905

ZDI-22-906

ZDI-22-907

ZDI-22-908

ZDI-22-909

ZDI-22-910

ZDI-22-911

ZDI-22-912

ZDI-22-913

ZDI-22-914

ZDI-22-915

ZDI-22-916

ZDI-22-917

ZDI-22-918

ZDI-22-919

Affected Products

Advantech Iview

PT-2022-6140 · Advantech · Advantech Iview

CVE-2022-2135

Weakness Enumeration

Related Identifiers

Affected Products

References · 47