CVE-2012-5861

High CVSS 7.8

Overview

These Sinapsi devices do not check the validity of the data before
executing queries. By accessing the SQL table of certain pages that do
not require authentication within the device, attackers can leak
information from the device. This could allow the attacker to compromise
confidentiality.

CWE: CWE-89 Published: 2012-11-23T12:09:58.367

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.8 (HIGH)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags