CVE-2014-5399 Information

Description

SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Reference

http://www.securityfocus.com/bid/69416 https://ics-cert.us-cert.gov/advisories/ICSA-14-238-02