CVE-2023-32569

An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers (who must have admin credentials) to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database.

Published: May 10, 2023
Updated: Jul 15, 2023
CVE: CVE-2023-32569
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
veritas / infoscale_operations_manager	8.0.0	8.0.410
veritas / infoscale_operations_manager	-	7.4.2.800

https://www.veritas.com/content/support/en_US/security/VTS23-007

Vulnerability Database

290,206

CVE-2023-32569