High severity7.2NVD Advisory· Published Dec 8, 2021· Updated Jun 17, 2026
CVE-2021-40861
CVE-2021-40861
Description
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Genesys/intelligent Workload Distributiondescription
- Range: 9.0.017.07
Patches
Vulnerability mechanics
References
2- www.offensity.com/en/blog/authenticated-sql-injection-in-the-genesys-iwd-manager-cve-2021-40860-and-cve-2021-40861/nvdExploitPatchThird Party Advisory
- docs.genesys.com/Documentation/IWDnvdProductRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.