Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Blind SQL Injection.This issue affects Semtek Sempos: through 31072024.
History

Thu, 05 Sep 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Semtekyazilim
Semtekyazilim semtek Sempos
CPEs cpe:2.3:a:semtekyazilim:semtek_sempos:*:*:*:*:*:*:*:*
Vendors & Products Semtekyazilim
Semtekyazilim semtek Sempos
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Wed, 04 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Semtek
Semtek sempos
CPEs cpe:2.3:a:semtek:sempos:*:*:*:*:*:*:*:*
Vendors & Products Semtek
Semtek sempos
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 04 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Blind SQL Injection.This issue affects Semtek Sempos: through 31072024.
Title SQLi in Semtek Informatics Software's Semtek Sempos
Weaknesses CWE-89
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published: 2024-09-04T14:13:50.758Z

Updated: 2024-09-04T15:20:00.669Z

Reserved: 2024-07-24T12:39:03.099Z

Link: CVE-2024-7076

cve-icon Vulnrichment

Updated: 2024-09-04T15:19:52.600Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-04T15:15:14.333

Modified: 2024-09-05T14:39:32.487

Link: CVE-2024-7076

cve-icon Redhat

No data.