Vulnerabilities > Genesys > Intelligent Workload Distribution Manager > High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-08	CVE-2021-40860	SQL Injection vulnerability in Genesys Intelligent Workload Distribution Manager A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine. network low complexity genesys CWE-89	7.2
2021-12-08	CVE-2021-40861	SQL Injection vulnerability in Genesys Intelligent Workload Distribution Manager A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine. network low complexity genesys CWE-89	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.