Vulnerability Details CVE-2022-41133
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in GetDIAE_line_message_settingsListParameters. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.2%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2022-41133
-
cpe:2.3:a:deltaww:diaenergie:-
-
cpe:2.3:a:deltaww:diaenergie:1.08.00
-
cpe:2.3:a:deltaww:diaenergie:1.7.5
-
cpe:2.3:a:deltaww:diaenergie:1.8.0
-
cpe:2.3:a:deltaww:diaenergie:1.8.02.004
-
cpe:2.3:a:deltaww:diaenergie:1.9.0
-
cpe:2.3:a:deltaww:diaenergie:1.9.01.001