CVE-2024-8259

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 9, 2024
Updated: Dec 13, 2024
CWE ID 89

Summary

CVE-2024-8259 is a newly discovered SQL Injection vulnerability affecting the NatraCar B2B Dealer Management Program from Eryaz Information Technologies. This issue allows unauthorized SQL command injection, potentially granting attackers access to sensitive data. The affected version of the software ranges from the earliest available up to 09.12.2024. Notably, the vendor has confirmed that the product is no longer supported. This vulnerability poses a significant risk to organizations using the outdated software and highlights the importance of maintaining software up-to-date and implementing robust security measures.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share