CVE-2023-21521 (athoc)

An SQL Injection vulnerability in the Management Console? (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database, recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.

administration athoc attacker audit blackberry cases console cve data database delete file file system injection issue management operations recover sensitive sensitive data sql sql injection system update version vulnerability