A vulnerability has been found in Caton CTP Relay Server 1.2.9 and classified as critical. This vulnerability affects unknown code of the file /server/api/v1/login of the component API. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. VDB-228010 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
History

Fri, 22 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2023-05-04T16:31:03.917Z

Updated: 2024-11-22T15:59:15.407Z

Reserved: 2023-05-04T15:56:24.118Z

Link: CVE-2023-2519

cve-icon Vulnrichment

Updated: 2024-08-02T06:26:09.484Z

cve-icon NVD

Status : Modified

Published: 2023-05-04T17:15:13.753

Modified: 2024-11-21T07:58:45.873

Link: CVE-2023-2519

cve-icon Redhat

No data.