Lucene search
HistoryJul 22, 2022 - 3:15 p.m.
CVE-2022-2137
cve-2022-2137
sql injection
high privileges
unauthorized disclosure
nvd
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
5.2 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.5%
The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information
Affected configurations
Node
advantechiviewRange<5.7.04.6469
| CPE | Name | Operator | Version |
|---|---|---|---|
| advantech:iview | advantech iview | lt | 5.7.04.6469 |
CNA Affected
[
{
"product": "iView",
"vendor": "Advantech iView",
"versions": [
{
"lessThan": "5_7_04_6469",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
]Social References
More
Related
cvelist
cvelist
CVE-2022-2137 Advantech iView
2022-06-28 00:00:00
zdi
zdi
cnvd
cnvd
Advantech iView SQL Injection Vulnerability (CNVD-2023-16472)
2022-08-19 00:00:00
nvd
nvd
CVE-2022-2137
2022-07-22 15:15:08
prion
prion
Sql injection
2022-07-22 15:15:00
ics
ics
Advantech iView
2022-06-28 12:00:00
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
5.2 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.5%
Related for CVE-2022-2137