An attacker could utilize SQL commands to create a new user MDT AutoSave versions prior to v6.02.06 and update the user’s permissions, granting the attacker the ability to login.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
auvesy-mdt autosave |
||
auvesy-mdt autosave for system platform |
||
auvesy-mdt autosave for system platform 5.00 |