CVE-2022-41773

The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckDIACloud. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06 Mitigation Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:deltaww:diaenergie:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-10-27 21:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-41773

Mitre link : CVE-2022-41773

CVE.ORG link : CVE-2022-41773


JSON object : View

Products Affected

deltaww

  • diaenergie
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')