An SQL Injection vulnerability in the Management Console (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database, recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.
References
Link | Resource |
---|---|
https://support.blackberry.com/kb/articleDetail?articleNumber=000112406 | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: blackberry
Published: 2023-09-12T18:18:34.237Z
Updated: 2023-09-12T18:24:40.491Z
Reserved: 2022-11-17T22:40:09.108Z
Link: CVE-2023-21521
JSON object: View
NVD Information
Status : Modified
Published: 2023-09-12T19:15:36.033
Modified: 2023-11-07T04:06:36.647
Link: CVE-2023-21521
JSON object: View
Redhat Information
No data.
CWE