SQL Injection Vulnerability in On-Premise Allows Data Exfiltration

SQL Injection Vulnerability in On-Premise Allows Data Exfiltration

CVE-2022-1358 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.