CVE-2022-1361 Information

Description

The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user’s accounts and devices.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04