CVE-2019-6523

CRITICAL

Advantech WebAccess/SCADA 8.3 - SQL Injection

Title source: llm
STIX 2.1

Description

WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-024-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106722

Scores

CVSS v3 9.8
EPSS 0.0074
EPSS Percentile 73.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
advantech/webaccess\/scada 8.3
Published Feb 05, 2019
Tracked Since Feb 18, 2026