Le Cargo Community System américain Navis, une plateforme logistique dédiée au transports maritimes, est victime d’une faille de sécurité critique par injection SQL, ce qui mettrait l’ensemble des données de ses clients en péril. | via Security Affairs
Navis WebAccess app used by US Ports is affected by a SQL injection flaw | via Security Affairs
The Navis WebAccess application used in the transportation sector worldwide is affected by a high severity SQL injection vulnerability.
A software used in the US ports is affected by a high severity SQL Injection vulnerability (CVE-2016-5817). The flaw was discovered by a hacker behind the online moniker “bRpsd,” the expert has discovered the vulnerability in the Navis WebAccess application, a web-based software that provides transport operators real-time access to operational logistics information. The Navis WebAccess is a legacy product that is still used by only 13 organizations worldwide, five of them are located in the United States including Georgia Ports Authority, the Port of Virginia, Port of Houston Authority, and Ports America…