ICS Advantech iView getPSInventoryInfo SQL Injection (CVE-2021-32932)
Rule ID
1139469
Severity
High
Description
A SQL injection vulnerability exists in the Advantech iView. The vulnerability is due to improper validation of usersupplied input when processing the request in getPSInventoryInfo method in NetworkServlet Java class.
Impact
SQL injection
Recommendation
Update vendor's patch.
IPS Category
ICS threats
IPS Anomaly Group
N/A
IPS Rule Default Action
Deny
Reference
Keyword
N/A
Created At
2021/07/15
Updated At
2021/07/15
This website uses cookies to ensure you get the best experience on our website.
Learn more