Back to search
CVE-2024-6456
Published: Aug 15, 2024
Modified: Aug 16, 2024
PUBLISHED
Description
AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.
| Vendor | Product | Versions |
|---|---|---|
AVEVA | Historian Web Server | affected 2023R2affected 2023 - < 2023 P03affected 2020 - < 2020 R2 SP1 P01 |
Weaknesses (CWE)
References
https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-10
government-resource
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now