CVE-2024-6456
EUVD-2024-4755215.08.2024, 21:15
AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| aveva | historian | 2020 ≤ 𝑥 < 2020_r2_sp1_p01 | ADP |
| aveva | historian | 2023 ≤ 𝑥 < 2023_p03 | ADP |