CVE-2020-13505

Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108 Exploit Technical Description
Configurations

Configuration 1

cpe:2.3:a:aveva:edna_enterprise_data_historian:3.0.1.2/7.5.4989.33053:*:*:*:*:*:*:*

Information

Published : 2020-09-24 03:15

Updated : 2020-09-25 03:04


NVD link : CVE-2020-13505

Mitre link : CVE-2020-13505

Products Affected
No products.
CWE