April 20, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2020-13920 – Apache ActiveMQ man-in-the-middle Attack
September 14, 2020Rewterz Threat Alert – TA505 Active IoCs
September 14, 2020Rewterz Threat Advisory – CVE-2020-13920 – Apache ActiveMQ man-in-the-middle Attack
September 14, 2020Rewterz Threat Alert – TA505 Active IoCs
September 14, 2020
Severity
Medium
Analysis Summary
AVEVA Enterprise Data Management Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
Impact
Data Manipulation
Affected Vendors
AVEVA
Affected Products
AVEVA Enterprise Data Management Web
Remediation
AVEVA recommends users to upgrade to AVEVA Enterprise Data Management Web v2019 SP1.
