U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:advantech:iview:5.7.03.6182:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 7 matching records.
Displaying matches 1 through 7.
Vuln ID Summary CVSS Severity
CVE-2022-2143

The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.

Published: July 22, 2022; 11:15:08 AM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-2142

The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information.

Published: July 22, 2022; 11:15:08 AM -0400
V3.1: 5.9 MEDIUM
V2.0:(not available)
CVE-2022-2139

The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code.

Published: July 22, 2022; 11:15:08 AM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-2138

The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.

Published: July 22, 2022; 11:15:08 AM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-2137

The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information

Published: July 22, 2022; 11:15:08 AM -0400
V3.1: 4.9 MEDIUM
V2.0:(not available)
CVE-2022-2136

The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.

Published: July 22, 2022; 11:15:08 AM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-2135

The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.

Published: July 22, 2022; 11:15:08 AM -0400
V3.1: 7.5 HIGH
V2.0:(not available)