CVE-2024-9982

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 15, 2024

CWE ID 89

Summary

CVE-2024-9982 is a vulnerability affecting the AIM LINE Marketing Platform by Esi Technology. This issue arises due to inadequate validation of a query parameter. When the LINE Campaign Module is enabled, an unauthenticated attacker can inject malicious FetchXml commands, allowing them to read, modify, or delete sensitive database information. This vulnerability poses a significant risk to the confidentiality, integrity, and availability of affected systems. Organizations using the AIM LINE Marketing Platform should update to the latest version or implement proper input validation techniques to mitigate this exposure.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/zgmZks
https://www.cve.org/CVERecord?id=CVE-2024-9982
https://nvd.nist.gov/vuln/detail/CVE-2024-9982

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-9982

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations