Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Professional (Queuing Service) allows SQL Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before 6.0.*, from 5.2.0 before 5.3.*.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XRti Connext Professional
APPRti5.2.0 – 6.1.2.17 (bez)7.0.0 – 7.3.0 (bez)
Related vulnerabilities
Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) a...
Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Servi...
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional (C...
Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipu...
Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipu...