ID
VAR-202210-1862
CVE
CVE-2022-41773
TITLE
Delta Electronics, INC. of DIAEnergie In SQL Injection vulnerability
Trust: 0.8
DESCRIPTION
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckDIACloud. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries. Delta Electronics, INC. of DIAEnergie for, SQL There is an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.62
AFFECTED PRODUCTS
| vendor: | deltaww | model: | diaenergie | scope: | lt | version: | 1.9.01.002 | Trust: 1.0 |
| vendor: | delta | model: | diaenergie | scope: | - | version: | - | Trust: 0.8 |
| vendor: | delta | model: | diaenergie | scope: | eq | version: | 1.9.01.002 | Trust: 0.8 |
| vendor: | delta | model: | diaenergie | scope: | eq | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-89 | Trust: 1.0 |
| problemtype: | SQL injection (CWE-89) [NVD evaluation ] | Trust: 0.8 |
THREAT TYPE
remote
Trust: 0.6
TYPE
SQL injection
Trust: 0.6
CONFIGURATIONS
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-41773 | Trust: 3.2 |
| db: | ICS CERT | id: | ICSA-22-298-06 | Trust: 2.4 |
| db: | JVN | id: | JVNVU91874962 | Trust: 0.8 |
| db: | JVNDB | id: | JVNDB-2022-019796 | Trust: 0.8 |
| db: | AUSCERT | id: | ESB-2022.5371 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202210-2160 | Trust: 0.6 |
REFERENCES
| url: | https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06 | Trust: 2.4 |
| url: | https://jvn.jp/vu/jvnvu91874962/ | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-41773 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2022-41773/ | Trust: 0.6 |
| url: | https://www.auscert.org.au/bulletins/esb-2022.5371 | Trust: 0.6 |
SOURCES
| db: | JVNDB | id: | JVNDB-2022-019796 |
| db: | NVD | id: | CVE-2022-41773 |
| db: | CNNVD | id: | CNNVD-202210-2160 |
LAST UPDATE DATE
2023-12-18T11:55:26.831000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2022-019796 | date: | 2023-10-27T08:12:00 |
| db: | NVD | id: | CVE-2022-41773 | date: | 2022-10-28T18:32:47.430 |
| db: | CNNVD | id: | CNNVD-202210-2160 | date: | 2022-10-31T00:00:00 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2022-019796 | date: | 2023-10-27T00:00:00 |
| db: | NVD | id: | CVE-2022-41773 | date: | 2022-10-27T21:15:16.593 |
| db: | CNNVD | id: | CNNVD-202210-2160 | date: | 2022-10-26T00:00:00 |