CVE-2022-38492

An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. One parameter allows SQL injection. Version 2022.1.110.1.02 fixes the vulnerability.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:easyvista:service_manager:2020.2.125.3:*:*:*:*:*:*:*
cpe:2.3:a:easyvista:service_manager:2022.1.109.0.03:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-01-10 21:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-38492

Mitre link : CVE-2022-38492

CVE.ORG link : CVE-2022-38492


JSON object : View

Products Affected

easyvista

  • service_manager
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')