Remote SQL Injection and Unauthorized Data Injection in HPE IceWall SSO 10.0 certd

Remote SQL Injection and Unauthorized Data Injection in HPE IceWall SSO 10.0 certd

CVE-2022-28623 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve these vulnerabilities. HPE IceWall SSO version 10.0 certd library Patch 9 for RHEL and HPE IceWall SSO version 10.0 certd library Patch 9 for HP-UX.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.