Ecava Integraxor SCADA Server CVE-2014-2376 Unspecified SQL Injection Vulnerability
BID:69772
Info
Ecava Integraxor SCADA Server CVE-2014-2376 Unspecified SQL Injection Vulnerability
| Bugtraq ID: | 69772 |
| Class: | Input Validation Error |
| CVE: |
CVE-2014-2376 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 11 2014 12:00AM |
| Updated: | Sep 11 2014 12:00AM |
| Credit: | Alain Homewood |
| Vulnerable: |
Ecava IntegraXor SCADA Server 4.1.4392 Ecava IntegraXor SCADA Server 4.1.4360 |
| Not Vulnerable: | |
Discussion
Ecava Integraxor SCADA Server CVE-2014-2376 Unspecified SQL Injection Vulnerability
Ecava Integraxor SCADA Server is prone to an unspecified SQL-injection vulnerability.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Ecava Integraxor SCADA Server is prone to an unspecified SQL-injection vulnerability.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Exploit / POC
Ecava Integraxor SCADA Server CVE-2014-2376 Unspecified SQL Injection Vulnerability
An attacker can exploit this issue using a web browser.
An attacker can exploit this issue using a web browser.
Solution / Fix
Ecava Integraxor SCADA Server CVE-2014-2376 Unspecified SQL Injection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Ecava Integraxor SCADA Server CVE-2014-2376 Unspecified SQL Injection Vulnerability
References:
References: