CVE-2024-9134

CVSS 3.1 Score 8.3 of 10 (high)

Details

Published Jan 10, 2025
CWE ID 89

Summary

CVE-2024-9134 refers to a series of SQL Injection vulnerabilities present in the reporting application. These vulnerabilities enable users with advanced access rights to manipulate SQL queries, potentially executing malicious commands that could impact the underlying operating system and elevate privileges. This issue poses a significant risk, as an attacker could exploit it to gain unauthorized access and control over critical systems. It is recommended that affected organizations apply patches or mitigations promptly to secure their environments against potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share