A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). Through the use of several vulnerable fields of the application, an authenticated user could perform an SQL Injection attack by passing a modified SQL query downstream to the back-end server. The exploit of this vulnerability could be used to read, and potentially modify application data to which the user has access to.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2020-07-14T13:18:05
Updated: 2021-01-12T20:18:36
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7577
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-14T14:15:18.290
Modified: 2020-07-17T18:03:05.350
Link: CVE-2020-7577
JSON object: View
Redhat Information
No data.
CWE