SQL Injection Vulnerability in Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0

SQL Injection Vulnerability in Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0

CVE-2022-1731 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.