CVE-2017-6050
Published: 2017-06-21
Priority P261 · critical 9.8 · CVSS 3.0
CVSS 3.0 vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 3.54% (87.8th percentile)
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ecava | integraxor | <= 5.2.1231.0 | — |
Detection & IOCs (extracted from sources)
- The vulnerability is an unauthenticated SQL injection in Ecava IntegraXor versions 5.2.1231.0 and prior, exploitable remotely with low skill level — monitor web/HTTP traffic to IntegraXor endpoints for SQL injection patterns (e.g., unsanitized query parameters).
- No authentication is required to exploit this vulnerability — any unauthenticated request containing SQL metacharacters or injection payloads to the IntegraXor web SCADA/HMI interface should be treated as suspicious.
- No known public exploits exist for this CVE as of the advisory date — focus detection on anomalous SQL-like patterns in HTTP requests to IntegraXor services rather than known exploit signatures.
- Only IntegraXor versions 5.2.1231.0 and prior are vulnerable; version 6.0.522.1 and newer contain the patch — ensure version fingerprinting is used to scope detection rules appropriately.
- The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms the attack surface is network-accessible with no privileges or user interaction required, meaning internet-exposed IntegraXor instances are at highest risk.
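The detection guidance above says to watch HTTP requests to the IntegraXor web interface for SQL-like patterns in query parameters rather than for any specific exploit. The following Python script is an added example (not from this record, the CISA advisory, or Ecava) of that approach: it parses access-log lines, URL-decodes the query string (twice, so double-encoded input is not missed), and flags requests whose decoded query matches generic SQL-injection indicators. The endpoint paths, host addresses and log lines are constructed for the example and are not real IntegraXor URLs; the `path_prefix` parameter is a hypothetical way to scope the rule to the HMI's web root.

```python
"""Added example: flag SQL-injection-like query strings in HTTP access logs.
Not part of the CVE record or the CISA advisory; paths and log lines below
are constructed samples."""
import re
from urllib.parse import unquote_plus, urlsplit

# Indicator patterns applied to the URL-decoded query string.
# Any hit flags the request; names are reported so analysts can tune them.
SQLI_INDICATORS = [
    ("quote-then-operator", re.compile(r"'\s*(or|and)\b", re.I)),
    ("tautology", re.compile(
        r"\b(or|and)\s+['\"]?\w+['\"]?\s*=\s*['\"]?\w+['\"]?", re.I)),
    ("union-select", re.compile(r"\bunion\b.{0,40}\bselect\b", re.I | re.S)),
    ("comment-terminator", re.compile(r"(--|#|/\*)")),
    ("stacked-query", re.compile(
        r";\s*(select|insert|update|delete|drop)\b", re.I)),
]

# Common/combined access-log format: client, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)

# Constructed sample log (hypothetical paths, not real IntegraXor endpoints).
SAMPLE_LOG = [
    '10.0.0.5 - - [20/Jun/2017:10:01:02 +0000] "GET /scada/report?tag=Pump1 HTTP/1.1" 200 512',
    '10.0.0.9 - - [20/Jun/2017:10:01:07 +0000] "GET /scada/report?tag=Pump1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9812',
    '10.0.0.9 - - [20/Jun/2017:10:01:09 +0000] "GET /scada/report?tag=x%27%20UNION%20SELECT%201,2-- HTTP/1.1" 500 120',
    '10.0.0.7 - - [20/Jun/2017:10:02:00 +0000] "GET /static/logo.png HTTP/1.1" 200 4096',
    '10.0.0.7 - - [20/Jun/2017:10:02:10 +0000] "GET /other/app?id=5%3B%20DROP%20TABLE%20x HTTP/1.1" 200 10',
]


def decode_target(target):
    """Split a request target into (path, decoded query).

    The query is decoded twice so that a double-encoded value such as
    %2527 (-> %27 -> ') is still inspected in its final form.
    """
    parts = urlsplit(target)
    query = unquote_plus(unquote_plus(parts.query))
    return parts.path, query


def classify(target):
    """Return the names of every indicator matched by a request target."""
    _, query = decode_target(target)
    return [name for name, rx in SQLI_INDICATORS if rx.search(query)]


def scan_log(lines, path_prefix="/"):
    """Scan access-log lines; report flagged requests under path_prefix.

    path_prefix scopes the rule to the HMI's web root (assumed value; use the
    real mount point of the application being monitored).
    """
    findings = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parsable access-log line
        path, _ = decode_target(m["target"])
        if not path.startswith(path_prefix):
            continue  # outside the monitored application
        hits = classify(m["target"])
        if hits:
            findings.append({"line": n, "ip": m["ip"],
                             "path": path, "indicators": hits})
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG, path_prefix="/scada"):
        print(f"line {f['line']}: {f['ip']} {f['path']} -> {', '.join(f['indicators'])}")
```

Scoping by `path_prefix` and reporting the indicator names keeps the rule tunable: a hit on `comment-terminator` alone in a free-text search field is far weaker evidence than `union-select` against an endpoint that only ever receives tag names, and a version fingerprint of the target host (as the guidance above recommends) decides whether the alert concerns a patched or an unpatched instance.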
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
CISA ICS
Ecava IntegraXor (cisa_ics · 2017-06-20)
ICS Advisory
## Ecava IntegraXor
Last Revised: June 20, 2017
Alert Code: ICSA-17-171-01
## CVSS v3 7.3
ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: Ecava
Equipment: IntegraXor
Vulnerability: SQL Injection
## AFFECTED PRODUCTS
The following versions of IntegraXor, a web SCADA/HMI solution, are affected:
- IntegraXor Versions 5.2.1231.0 and prior.
## IMPACT
Successful exploitation of this vulnerability may allow unauthenticated remote code execution.
## MITIGATION
Ecava recommends that users of affected IntegraXor versions should update to version 6.0.522.1 or newer,
GHSA
GHSA-cpvc-93p9-v723 (ghsa_unreviewed · 2022-05-17)
CVE-2017-6050 [CRITICAL] CWE-89
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2017-06-21