CVE-2022-38743 Information

Description

Rockwell Automation FactoryTalk VantagePoint versions 8.0 8.10 8.20 8.30 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. If successfully exploited this could allow the attacker to execute arbitrary code and gain access to restricted data.

Reference

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137043