CVE-2024-9678

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Dec 16, 2024

CWE ID 89

Summary

CVE-2024-9678 is an SQL Injection vulnerability identified in DLP Extension 11.11.1.3. This issue enables attackers to execute arbitrary SQL queries, putting data at potential risk. Successful exploitation could lead to command execution, granting unauthorized access or data manipulation. Users are strongly advised to apply the necessary patches to mitigate this vulnerability. Failure to do so may result in significant data breaches or system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/zVPFsj
https://www.cve.org/CVERecord?id=CVE-2024-9678
https://nvd.nist.gov/vuln/detail/CVE-2024-9678

Back to Vulnerability Database

CVE-2024-9678

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations