VAR-201801-1493
Vulnerability from variot - Updated: 2023-12-18 12:37A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the user parameter in chkLogin2.asp. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess is a browser-based human interface HMI software package, as well as monitoring and data acquisition SCADA. Advantech WebAccess/SCADA is a browser-based SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1493",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess node",
"scope": null,
"trust": 1.4,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess\\/scada",
"scope": "lt",
"trust": 1.0,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess/scada",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.2_20170817"
},
{
"model": "webaccess/scada \u003cv8.2 20170817",
"scope": null,
"trust": 0.6,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "8.0"
},
{
"model": "webaccess/scada",
"scope": "eq",
"trust": 0.3,
"vendor": "advantech",
"version": "7.2"
},
{
"model": "webaccess/scada",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess scada",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "BID",
"id": "102781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"db": "NVD",
"id": "CVE-2018-5443"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:advantech:webaccess\\/scada:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2_20170817",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5443"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"db": "ZDI",
"id": "ZDI-18-143"
}
],
"trust": 1.4
},
"cve": "CVE-2018-5443",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-5443",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 2.2,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-01710",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-135474",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-5443",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5443",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2018-5443",
"trust": 1.4,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-01710",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-959",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-135474",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "VULHUB",
"id": "VHN-135474"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"db": "NVD",
"id": "CVE-2018-5443"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inputs for SQL commands. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the user parameter in chkLogin2.asp. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess is a browser-based human interface HMI software package, as well as monitoring and data acquisition SCADA. Advantech WebAccess/SCADA is a browser-based SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5443"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "BID",
"id": "102781"
},
{
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-135474"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5443",
"trust": 5.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-023-01",
"trust": 3.4
},
{
"db": "BID",
"id": "102781",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201801-959",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-01710",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5503",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-144",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5502",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-143",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2E2B550-39AB-11E9-BB92-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-135474",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "VULHUB",
"id": "VHN-135474"
},
{
"db": "BID",
"id": "102781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"db": "NVD",
"id": "CVE-2018-5443"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
]
},
"id": "VAR-201801-1493",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "VULHUB",
"id": "VHN-135474"
}
],
"trust": 1.6679344999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
}
]
},
"last_update_date": "2023-12-18T12:37:01.625000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 1.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-023-01"
},
{
"title": "WebAccess/SCADA",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
},
{
"title": "Patch for Advantech WebAccess/SCADA SQL Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/114217"
},
{
"title": "Advantech WebAccess/SCADA SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78083"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135474"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"db": "NVD",
"id": "CVE-2018-5443"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-023-01"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102781"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5443"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5443"
},
{
"trust": 0.6,
"url": "https://www.proxyit.cc/advisories/icsa-18-023-01"
},
{
"trust": 0.3,
"url": "http://www.advantech.in/"
},
{
"trust": 0.3,
"url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "VULHUB",
"id": "VHN-135474"
},
{
"db": "BID",
"id": "102781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"db": "NVD",
"id": "CVE-2018-5443"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "VULHUB",
"id": "VHN-135474"
},
{
"db": "BID",
"id": "102781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"db": "NVD",
"id": "CVE-2018-5443"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-24T00:00:00",
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"date": "2018-02-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"date": "2018-02-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"date": "2018-01-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"date": "2018-01-25T00:00:00",
"db": "VULHUB",
"id": "VHN-135474"
},
{
"date": "2018-01-23T00:00:00",
"db": "BID",
"id": "102781"
},
{
"date": "2018-02-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"date": "2018-01-25T03:29:00.320000",
"db": "NVD",
"id": "CVE-2018-5443"
},
{
"date": "2018-01-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-144"
},
{
"date": "2018-02-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-143"
},
{
"date": "2018-01-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-135474"
},
{
"date": "2018-01-23T00:00:00",
"db": "BID",
"id": "102781"
},
{
"date": "2018-02-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001574"
},
{
"date": "2019-10-09T23:41:22.297000",
"db": "NVD",
"id": "CVE-2018-5443"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess/SCADA SQL Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-01710"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "e2e2b550-39ab-11e9-bb92-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-959"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…