CVE-2021-22851

Summary

HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data.

Affected Software

VendorProductVersion RangeStatus
HGigaOAKSv20 OAKlouds-document_v3 2.0unspecified < 2.0-54affected
HGigaOAKSv30 OAKlouds-document_v3 3.0unspecified < 3.0-54affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References