Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
No reference.
Wed, 10 Jun 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-89 | |
| CPEs | ||
| References |
|
|
| Metrics |
cvssV3_1
|
Wed, 10 Jun 2026 20:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements. | DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. |
Wed, 13 May 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:genesys:latitude:25.1.0.420:*:*:*:*:*:*:* |
Mon, 27 Apr 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | SQL Injection in Genesys Latitude Enabling Arbitrary Database Access |
Wed, 22 Apr 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Wed, 22 Apr 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Genesys
Genesys latitude |
|
| Vendors & Products |
Genesys
Genesys latitude |
Wed, 22 Apr 2026 03:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | SQL Injection in Genesys Latitude Enabling Arbitrary Database Access | |
| Weaknesses | CWE-89 |
Wed, 22 Apr 2026 00:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A SQL injection vulnerability exists in Genesys Latitude v25.1.0.420 that allows an authenticated attacker to execute arbitrary SQL queries against the backend database. The vulnerability is caused by unsanitized user-supplied input being concatenated directly into SQL statements. | |
| References |
|
Status: REJECTED
Assigner: mitre
Published:
Updated: 2026-06-10T19:49:26.352Z
Reserved: 2026-01-09T00:00:00.000Z
Link: CVE-2025-70420
Updated:
Status : Rejected
Published: 2026-04-21T21:16:22.900
Modified: 2026-06-10T20:16:26.897
Link: CVE-2025-70420
No data.
OpenCVE Enrichment
Updated: 2026-04-27T20:00:05Z
No weakness.