CVE-2024-6917

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 12, 2024
Updated: Aug 13, 2024
CWE ID 78

Summary

CVE-2024-6917 is a critical OS Command Injection vulnerability affecting the Veribase Order Management system before version 4.010.2. An attacker can exploit this vulnerability by improperly neutralizing special elements in an operating system command, leading to the execution of arbitrary commands. The impact of this issue includes potential unauthorized system access, data theft, and other serious consequences. Organizations using the affected version of Veribase Order Management are urged to apply the necessary patch or update as soon as possible to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share