CVE-2014-5399

Summary

SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricWonderware Information Server Portal4.0 SP1affected
Schneider ElectricWonderware Information Server Portal4.5affected
Schneider ElectricWonderware Information Server Portal5.0affected
Schneider ElectricWonderware Information Server Portal5.5affected

Weaknesses

  • CWE-89: CWE-89

ADP Enrichment

CVE Program Container

Additional References

References