SQL Injection Vulnerabilities in Echo ShareCare 8.15.5

CVE-2021-33578 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Echo ShareCare 8.15.5 is susceptible to SQL injection vulnerabilities when processing remote input from both authenticated and unauthenticated users, leading to the ability to bypass authentication, exfiltrate Structured Query Language (SQL) records, and manipulate data.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.