CVE-2020-12014

High

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL…

icscert·CWE-89·Published 2020-05-08

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

147 chars

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands.

NVDen

147 chars

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands.

Advantech WebAccess Node, versiones 8.4.4 y anteriores, versión 9.0.0. Una entrada no está apropiadamente saneada y puede permitir a un atacante inyectar comandos SQL.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N