CVE-2023-5806

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 18, 2024
Updated: Jan 25, 2024
CWE ID 89

Summary

CVE-2023-5806 is a critical SQL Injection vulnerability affecting Mergen Software's Quality Management System. The issue arises due to improper handling of special elements in SQL commands. An attacker can exploit this vulnerability to inject malicious SQL code and gain unauthorized access to sensitive data. The vulnerability affects all versions of the Quality Management System prior to v1.2. Organizations using the Mergen Software Quality Management System are urged to apply the latest patches or upgrades to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share