All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Users of the provisioning service should upgrade to either 8.0.1-R2022-10-RT or 7.3.1-R2022-09-RT or a later release and use it in place of the previous version.
References
Link | Resource |
---|---|
https://www.talend.com/security/incident-response/#CVE-2022-45588 | Vendor Advisory |
http://talend.com | Product |
Configurations
Configuration 1 (hide)
|
Information
Published : 2023-02-06 13:15
Updated : 2023-03-15 20:15
NVD link : CVE-2022-45589
Mitre link : CVE-2022-45589
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
talend
- esb_runtime