CVE-2024-27940
published 2024-05-14CVE-2024-27940: A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | ruggedcom_crossbow | < V5.5 | V5.5 |
| siemens | ruggedcom_crossbow | < 5.5 | 5.5 |