SQL Injection Vulnerability in s::can moni::tools (<= 4.2) Allows Database Access and Potential Data Loss

SQL Injection Vulnerability in s::can moni::tools (<= 4.2) Allows Database Access and Potential Data Loss

CVE-2020-12507 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.