Bastion Security

Cisco CWS — SQL Injection vulnerability

Jason Xie found an authenticated SQL injection vulnerability in the Cisco Cloud Web Security (CWS) web application. If exploited an attacker could extract or modify values stored in the underlying database.
Talk to an expert

[no content]

[no content]

April 21, 2020

For further details please see the ZX Security Advisory or the Cisco security advisory.


Service Development Manager
Government Agency
"Great service, clear, detailed and precise information on what our vulnerabilities were and what needs addressing. Couldn't have been easier to deal with and very professional."
Expert methods

We have the tools to pinpoint risks

Whether it’s hidden vulnerabilities or patterns you might miss, we help you stay one step ahead and make confident, informed decisions. Understand how our services can help your business uncover critical risks

Talk to an expert
Employee Cyber Training & Awareness
Your people are your first line of defence. Our cyber training builds awareness, sharpens instincts and turns everyday staff into assets.
Advisory
When clarity is critical and stakes are high, our advisory services deliver strategic, executive-level security expertise that empowers decision-making