Remote Unauthenticated SQL Injection Vulnerability in Rockwell Automation FactoryTalk AssetCentre
CVE-2021-27472 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier, which may allow for the execution of remote unauthenticated arbitrary SQL statements.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.