Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108 | Exploit Technical Description Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2020-09-24T14:12:55
Updated: 2020-09-24T14:12:55
Reserved: 2020-05-26T00:00:00
Link: CVE-2020-13504
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-24T15:15:13.687
Modified: 2020-09-29T13:40:31.857
Link: CVE-2020-13504
JSON object: View
Redhat Information
No data.
CWE