CVE-2024-55974

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 89

Summary

CVE-2024-55974 is a newly disclosed SQL Injection vulnerability affecting AMS Nexe Iberica Mimoos software. The issue stems from a lack of proper neutralization of special elements in SQL commands. An attacker can exploit this vulnerability to inject malicious SQL queries, potentially gaining unauthorized access to sensitive data or even taking control of the affected system. The vulnerability is present in Mimoos versions from n/a through 1.2. Organizations running these versions are urged to apply the necessary patches as soon as possible to protect against SQL Injection attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1lqP5P
https://www.cve.org/CVERecord?id=CVE-2024-55974
https://nvd.nist.gov/vuln/detail/CVE-2024-55974

Back to Vulnerability Database

CVE-2024-55974

CVSS 3.1 Score 8.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations