Vulnerabilities > Genesys > Intelligent Workload Distribution Manager > 9.0.005.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-40860 | SQL Injection vulnerability in Genesys Intelligent Workload Distribution Manager A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine. | 6.5 |