GCVE - cpe:2.3:a:n/a:aveva:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:aveva:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Aveva (`a17aaebb-2f93-5c67-b5f9-52483611c98b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-13505`	vulnerable	2026-06-08 05:18:00.710684	Details available Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability. Published: 2020-09-24T14:13:06.000Z Updated: 2024-08-04T12:18:18.365Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-13504`	vulnerable	2026-06-08 05:18:00.710401	Details available Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability. Published: 2020-09-24T14:12:55.000Z Updated: 2024-08-04T12:18:18.269Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-13501`	vulnerable	2026-06-08 05:18:00.709979	Details available CRITICAL (9.8) An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks. Published: 2020-09-24T14:39:58.000Z Updated: 2024-08-04T12:18:18.364Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106 https://us-cert.cisa.gov/ics/advisories/icsa-20-254-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-13500`	vulnerable	2026-06-08 05:18:00.709607	Details available CRITICAL (9.8) SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks. Published: 2020-09-24T14:16:37.000Z Updated: 2024-08-04T12:18:18.433Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106 https://us-cert.cisa.gov/ics/advisories/icsa-20-254-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-13499`	vulnerable	2026-06-08 05:18:00.708370	Details available CRITICAL (9.8) An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks. Published: 2020-09-24T14:16:30.000Z Updated: 2024-08-04T12:18:18.353Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106 https://us-cert.cisa.gov/ics/advisories/icsa-20-254-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.