SQL Injection Vulnerability in CFEngine Enterprise Mission Portal Login Page

SQL Injection Vulnerability in CFEngine Enterprise Mission Portal Login Page

CVE-2023-45684 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18.6 and 3.21.3. The earliest affected version is 3.6.0. The issue is in the Mission Portal login page in the CFEngine hub.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.