CVE-2023-32569

HIGH

Veritas InfoScale Operations Manager < 7.4.2.800 and 8.x < 8.0.410 - Authenticated SQL Injection

Title source: llm
STIX 2.1

Description

An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers (who must have admin credentials) to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database.

References (1)

Core 1

Scores

CVSS v3 7.2
EPSS 0.0058
EPSS Percentile 43.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
veritas/infoscale_operations_manager < 7.4.2.800
Published May 10, 2023
Tracked Since Feb 18, 2026