CVE-2020-13504

Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108 Exploit Technical Description
Configurations

Configuration 1

cpe:2.3:a:aveva:edna_enterprise_data_historian:3.0.1.2/7.5.4989.33053:*:*:*:*:*:*:*

Information

Published : 2020-09-24 03:15

Updated : 2020-09-29 01:40


NVD link : CVE-2020-13504

Mitre link : CVE-2020-13504

Products Affected
No products.
CWE