Vulnerability Description
A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). Through the use of several vulnerable fields of the application, an authenticated user could perform an SQL Injection attack by passing a modified SQL query downstream to the back-end server. The exploit of this vulnerability could be used to read, and potentially modify application data to which the user has access to.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Opcenter Execution Core | < 8.2 |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdfVendor Advisory
FAQ
What is CVE-2020-7577?
CVE-2020-7577 is a vulnerability with a CVSS score of 8.1 (HIGH). A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). Through the use of several vulnerable fields of the application, an au...
How severe is CVE-2020-7577?
CVE-2020-7577 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-7577?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Opcenter Execution Core.