SQL Injection Vulnerability in BlackBerry AtHoc Management Console

SQL Injection Vulnerability in BlackBerry AtHoc Management Console

CVE-2023-21521 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

An SQL Injection vulnerability in the Management Console  (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database, recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.