Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Professional (Queuing Service) allows SQL Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before 6.0.*, from 5.2.0 before 5.3.*.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.rti.com/vulnerabilities/#cve-2024-52057 |
History
Mon, 23 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 13 Dec 2024 10:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Professional (Queuing Service) allows SQL Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before 6.0.*, from 5.2.0 before 5.3.*. | |
Title | Potential arbitrary SQL query execution in Queuing Service while parsing malicious remote commands or configuration files | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: RTI
Published: 2024-12-13T10:12:32.502Z
Updated: 2024-12-23T20:07:46.353Z
Reserved: 2024-11-05T19:04:16.675Z
Link: CVE-2024-52057
Vulnrichment
Updated: 2024-12-23T20:07:42.779Z
NVD
Status : Received
Published: 2024-12-13T10:15:07.320
Modified: 2024-12-13T10:15:07.320
Link: CVE-2024-52057
Redhat
No data.