Published: 24/09/2020 Updated: 30/09/2020

Vulnerability Summary

AVEVA eDNA Enterprise Data Historian is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to Alias.asmx using the AliasName parameter, which could allow the malicious user to view, add, modify, or delete information in the back-end database.

Vulnerability Trend