Critical severity10.0NVD Advisory· Published Oct 28, 2022· Updated Jun 17, 2026
CVE-2021-36206
CVE-2021-36206
Description
All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<1.01.46+ 1 more
- (no CPE)range: <1.01.46
- (no CPE)range: all versions prior to 1.01.46
Patches
Vulnerability mechanics
References
2- www.cisa.gov/uscert/ics/advisories/icsa-22-298-05nvdThird Party AdvisoryUS Government Resource
- www.johnsoncontrols.com/cyber-solutions/security-advisoriesnvdVendor Advisory
News mentions
0No linked articles in our index yet.