CVE-2024-55987

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 89

Summary

CVE-2024-55987 is a newly disclosed SQL Injection vulnerability that affects Advanced from versions n/a through 1.0.3. Hackers can exploit this weakness to inject malicious SQL statements into the application, potentially gaining unauthorized access to sensitive data or even taking control of the entire system. The vulnerability arises due to the application's failure to properly neutralize special elements used in SQL commands, making it an immediate security concern for users running affected versions. Upgrading to the latest, patched version is strongly recommended to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1lo43D
https://www.cve.org/CVERecord?id=CVE-2024-55987
https://nvd.nist.gov/vuln/detail/CVE-2024-55987

Back to Vulnerability Database

CVE-2024-55987

CVSS 3.1 Score 8.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations