PT-2023-32511 · Unknown · Ics Business Manager
Andrés Elizalde Galdeano
+1
·
Published
2023-11-13
·
Updated
2023-11-17
·
CVE-2023-6097
CVSS v3.1
9.4
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
ICS Business Manager version 7.06.0028.7089
Description
A SQL injection issue has been discovered, allowing a remote user to send a specially crafted SQL query to retrieve all database information. The data can also be modified or deleted, causing application malfunction.
Recommendations
For ICS Business Manager version 7.06.0028.7089, update to a version that includes a fix for this SQL injection issue to prevent potential data breaches and application malfunctions.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ics Business Manager