Cisco DNA Spaces: Connector SQL Injection Vulnerability

By GIXnews

A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries.

The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability by entering malicious SQL statements in an affected field in … Read More here

Source:: Cisco Security Advisories