CVE-2024-8173

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Aug 26, 2024
CWE ID 89

Summary

CVE-2024-8173 is a critical vulnerability found in the Blood Bank System version 1.0, specifically affecting the login.php file where SQL injection can be exploited through manipulations of the 'user' argument. This vulnerability allows attackers to execute remote exploits without requiring authentication, posing significant risks to the integrity and confidentiality of an organization’s data. The potential impact of this vulnerability is classified as high, with a CVSS score of 7.3, indicating low complexity and no need for user interaction during exploitation. Organizations using this system should remediate the vulnerability by implementing input validation and sanitization measures to prevent SQL injection attacks. Given its public disclosure, immediate action is advised to mitigate any threats arising from potential exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share