Vulnerability Description
A SQL Injection issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. The application is vulnerable to injection of malicious SQL queries via the input from the client.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opwglobal | Sitesentinel Isite Atg Firmware | <= 175 |
| Opwglobal | Sitesentinel Isite Atg | - |
| Opwglobal | Sitesentinel Integra 500 Firmware | <= 175 |
| Opwglobal | Sitesentinel Integra 500 | - |
| Opwglobal | Sitesentinel Integra 100 Firmware | <= 175 |
| Opwglobal | Sitesentinel Integra 100 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100563Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04MitigationThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/100563Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04MitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-12731?
CVE-2017-12731 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A SQL Injection issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older ...
How severe is CVE-2017-12731?
CVE-2017-12731 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-12731?
Check the references section above for vendor advisories and patch information. Affected products include: Opwglobal Sitesentinel Isite Atg Firmware, Opwglobal Sitesentinel Isite Atg, Opwglobal Sitesentinel Integra 500 Firmware, Opwglobal Sitesentinel Integra 500, Opwglobal Sitesentinel Integra 100 Firmware.