Vulnerabilities > Aveva > Edna Enterprise Data Historian

DATE CVE VULNERABILITY TITLE RISK
2020-09-24 CVE-2020-13505 SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks.
network
low complexity
aveva CWE-89
critical
 9.8
9.8
2020-09-24 CVE-2020-13504 SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks.
network
low complexity
aveva CWE-89
critical
 9.8
9.8
2020-09-24 CVE-2020-13501 SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.
network
low complexity
aveva CWE-89
critical
 9.8
9.8
2020-09-24 CVE-2020-13500 SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.
network
low complexity
aveva CWE-89
critical
 9.8
9.8
2020-09-24 CVE-2020-13499 SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.
network
low complexity
aveva CWE-89
critical
 9.8
9.8