CVE-2024-11025 - Vulnerability Details - OpenCVE

An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00066.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-33982	An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://certvde.com/en/advisories/VDE-2024-074

History

Wed, 27 Nov 2024 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 27 Nov 2024 10:45:00 +0000

Type	Values Removed	Values Added
Description		An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device.
Title		SMA: SQL injection in Sunny Central UP
Weaknesses		CWE-89
References		https://certvde.com/en/advisories/VDE-2024-074
Metrics		cvssV3_1 `{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2024-11-27T10:24:50.001Z

Updated: 2024-11-27T12:01:12.145Z

Reserved: 2024-11-08T14:01:19.734Z

Link: CVE-2024-11025

Vulnrichment

Updated: 2024-11-27T11:56:20.753Z

NVD

Status : Received

Published: 2024-11-27T11:17:41.740

Modified: 2024-11-27T11:17:41.740

Link: CVE-2024-11025

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-89

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-11025", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2024-11-08T14:01:19.734Z", "datePublished": "2024-11-27T10:24:50.001Z", "dateUpdated": "2024-11-27T12:01:12.145Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Sunny Central SC 1760-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 1850-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2000 EV-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2000-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC-2200-10", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2200-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC-2475-10", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2500 EV-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2660 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2660 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2750 EV-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2750 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2800 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2800 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2930 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 2930 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 3060 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 3060 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4000 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4000 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4200 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4200 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4400 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4400 UP-JP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4400 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4600 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central SC 4600 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS-1900-10", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS-2200-10", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 2300 UP-XT", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 2300 UP-XT-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 2400 UP-XT", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 2400 UP-XT-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS-2475-10", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 2530 UP-XT", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 2530 UP-XT-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 2630 UP-XT", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 2630 UP-XT-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS-2900-10", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3450 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3450 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3450 UP-XT", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3450 UP-XT-JP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3450 UP-XT-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3600 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3600 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3600 UP-XT", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3600 UP-XT-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3800 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3800 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3800 UP-XT", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3800 UP-XT-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3950 UP", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3950 UP-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3950 UP-XT", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Sunny Central Storage SCS 3950 UP-XT-US", "vendor": "SMA", "versions": [{"lessThan": "10.01.18.R", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Pierre Martin from Synacktiv"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device.</p>"}], "value": "An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2024-11-27T10:24:50.001Z"}, "references": [{"url": "https://certvde.com/en/advisories/VDE-2024-074"}], "source": {"discovery": "UNKNOWN"}, "title": "SMA: SQL injection in Sunny Central UP", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-11025", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-27T11:56:18.041177Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-27T12:01:12.145Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-11025", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-27T11:56:18.041177Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-27T11:56:20.753Z"}}], "cna": {"title": "SMA: SQL injection in Sunny Central UP", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Pierre Martin from Synacktiv"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SMA", "product": "Sunny Central SC 1760-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 1850-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2000 EV-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2000-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC-2200-10", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2200-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC-2475-10", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2500 EV-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2660 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2660 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2750 EV-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2750 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2800 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2800 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2930 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 2930 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 3060 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 3060 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4000 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4000 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4200 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4200 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4400 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4400 UP-JP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4400 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4600 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central SC 4600 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS-1900-10", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS-2200-10", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 2300 UP-XT", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 2300 UP-XT-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 2400 UP-XT", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 2400 UP-XT-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS-2475-10", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 2530 UP-XT", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 2530 UP-XT-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 2630 UP-XT", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 2630 UP-XT-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS-2900-10", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3450 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3450 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3450 UP-XT", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3450 UP-XT-JP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3450 UP-XT-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3600 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3600 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3600 UP-XT", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3600 UP-XT-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3800 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3800 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3800 UP-XT", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3800 UP-XT-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3950 UP", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3950 UP-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3950 UP-XT", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "SMA", "product": "Sunny Central Storage SCS 3950 UP-XT-US", "versions": [{"status": "affected", "version": "0", "lessThan": "10.01.18.R", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://certvde.com/en/advisories/VDE-2024-074"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device.", "supportingMedia": [{"type": "text/html", "value": "<p>An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2024-11-27T10:24:50.001Z"}}}, "cveMetadata": {"cveId": "CVE-2024-11025", "state": "PUBLISHED", "dateUpdated": "2024-11-27T12:01:12.145Z", "dateReserved": "2024-11-08T14:01:19.734Z", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "datePublished": "2024-11-27T10:24:50.001Z", "assignerShortName": "CERTVDE"}, "dataVersion": "5.1"}