CVE-2021-41063
https://notcve.org/view.php?id=CVE-2021-41063
SQL injection vulnerability was discovered in Aanderaa GeoView Webservice prior to version 2.1.3 that could allow an unauthenticated attackers to execute arbitrary commands. Se ha detectado una vulnerabilidad de inyección SQL en el servicio web de Aanderaa GeoView versiones anteriores a 2.1.3, que podría permitir a un atacante no autenticado ejecutar comandos arbitrarios • https://www.cisa.gov/uscert/ics/advisories/icsa-21-334-01 https://www.xylem.com https://www.xylem.com/en-us/about-xylem/cybersecurity/advisories https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-aanderaa-psa-2021-003.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •