An SQL Injection vulnerability existed in DLP Extension 11.11.1.3. The vulnerability allowed an attacker to perform arbitrary SQL queries potentially leading to command execution.
History

Mon, 16 Dec 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 16 Dec 2024 06:45:00 +0000

Type Values Removed Values Added
Description An SQL Injection vulnerability existed in DLP Extension 11.11.1.3. The vulnerability allowed an attacker to perform arbitrary SQL queries potentially leading to command execution.
Weaknesses CWE-89
References
Metrics cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: trellix

Published: 2024-12-16T06:31:45.960Z

Updated: 2024-12-16T16:32:57.875Z

Reserved: 2024-10-09T06:02:56.328Z

Link: CVE-2024-9678

cve-icon Vulnrichment

Updated: 2024-12-16T16:32:50.659Z

cve-icon NVD

Status : Received

Published: 2024-12-16T07:15:06.917

Modified: 2024-12-16T07:15:06.917

Link: CVE-2024-9678

cve-icon Redhat

No data.