NA

CVE-2020-6153

Published: 24/09/2020 Updated: 30/09/2020

Vulnerability Summary

AVEVA eDNA Enterprise Data Historian is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to FavoritesService.asmx using the FavoriteID parameter, which could allow the malicious user to view, add, modify, or delete information in the back-end database.

Vulnerability Trend