CVE-2024-6456 Information

Description

AVEVA Historian Server has a vulnerability if exploited could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-10