Missing Authorization Check in SystemLink 2020 R2.1

Created Jul 21, 2023

Overview

NI has discovered a vulnerability in SystemLink 2020 R2.1. This version has a missing authorization check for an authenticated user. In limited circumstances, unauthenticated users could access data from cached reports.

NI strongly recommends that you install the patch.

Mitigation Guidance
Affected Products
CVSS Score
Further Information
Additional Resources

Mitigation Guidance

Install the available patch.

Affected Products

Product Version	Mitigation
SystemLink 2020 R2.1	Install Patch R2.2

CVSS Score

8.6 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Further Information

At NI, we view the security of our products as an important part of our commitment to our customers. Go to ni.com/security to stay informed and act upon security alerts and issues.

Additional Resources

CWE-862

Was this information helpful?

Yes

What do you need our team of experts to assist you with?

Request a quote Find the right product Place an order Get support on a product

How can we help?

Please enter your information below and we'll be intouch soon.

This field is required

Preferred communication method

Email Phone call