CVE-2023-32569

An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers (who must have admin credentials) to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:veritas:infoscale_operations_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:veritas:infoscale_operations_manager:*:*:*:*:*:*:*:*

History

14 Jul 2023, 19:15

Type Values Removed Values Added
Summary An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database. An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers (who must have admin credentials) to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database.

Information

Published : 2023-05-10 05:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-32569

Mitre link : CVE-2023-32569

CVE.ORG link : CVE-2023-32569


JSON object : View

Products Affected

veritas

  • infoscale_operations_manager
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')