Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
Metrics
Affected Vendors & Products
References
History
Thu, 14 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Intel
Intel neural Compressor Software |
|
CPEs | cpe:2.3:a:intel:neural_compressor_software:*:*:*:*:*:*:*:* | |
Vendors & Products |
Intel
Intel neural Compressor Software |
|
Metrics |
ssvc
|
Wed, 13 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: intel
Published: 2024-11-13T21:12:05.575Z
Updated: 2024-11-14T19:36:41.548Z
Reserved: 2024-07-12T03:00:14.036Z
Link: CVE-2024-39368
Vulnrichment
Updated: 2024-11-14T15:13:53.326Z
NVD
Status : Received
Published: 2024-11-13T21:15:26.977
Modified: 2024-11-13T21:15:26.977
Link: CVE-2024-39368
Redhat
No data.