CVE-2024-23843

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Genians Genian NAC V5.0, Genians Genian NAC LTS V5.0.This issue affects Genian NAC V5.0: from V5.0.0 through V5.0.60; Genian NAC LTS V5.0: from 5.0.0 LTS through 5.0.55 LTS(Revision 125558), from 5.0.0 LTS through 5.0.56 LTS(Revision 125560).

CVSS v3 2.2 LOW

2.2^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.7 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://docs.genians.com/release/ko/advisories/GN-SA-2024-001.html

Configurations

No configuration.

History

28 Oct 2024, 13:58

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en Genians Genian NAC V5.0, Genians Genian NAC LTS V5.0. Este problema afecta a Genian NAC V5.0: desde V5.0.0 hasta V5.0.60; Genian NAC LTS V5.0: desde 5.0.0 LTS hasta 5.0.55 LTS (Revisión 125558), desde 5.0.0 LTS hasta 5.0.56 LTS (Revisión 125560).

28 Oct 2024, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-28 02:15

Updated : 2024-10-28 13:58

NVD link : CVE-2024-23843

Mitre link : CVE-2024-23843

CVE.ORG link : CVE-2024-23843

JSON object : View

Products Affected

No product.

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

2.2 /10