7.06.0028.7089

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

icssolution

NVD

Published: 2023-11-13

Updated: 2024-11-21

Summary

A SQL injection vulnerability has been found in ICS Business Manager, affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted, causing the application to malfunction.

Vulnerable Configurations

Part	Description	Count
Application	Icssolution Icssolution ICS Business Manager 7.06.0028.7089 Icssolution ICS Business Manager 7.06.0028.2802 Icssolution ICS Business Manager 7.06.0028.7066	3

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-icssolution-ics-business-manager
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-icssolution-ics-business-manager