CVE-2023-34600

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 20, 2023

Updated: Jun 27, 2023

CWE ID 89

Summary

CVE-2023-34600: Adiscon LogAnalyzer, version 4.1.13 and older, is susceptible to SQL Injection attacks. An attacker can exploit this vulnerability by injecting malicious SQL statements into the application's input fields, potentially allowing unauthorized access to sensitive data or even system takeover. This issue requires immediate attention as it poses a significant risk to organizations using the affected software. Users are advised to upgrade to the latest version or apply relevant patches as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adiscon LogAnalyzer

Affected Vendors

Adiscon GmbH

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rqbiGj
https://www.cve.org/CVERecord?id=CVE-2023-34600
https://nvd.nist.gov/vuln/detail/CVE-2023-34600

Back to Vulnerability Database