SQL Injection Vulnerability in End-of-Life Secure Remote Access (SRA) Products

SQL Injection Vulnerability in End-of-Life Secure Remote Access (SRA) Products

CVE-2021-20028 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.