Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges.
History

Tue, 20 Aug 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Keyfactor
Keyfactor command
Weaknesses CWE-269
CWE-89
CPEs cpe:2.3:a:keyfactor:command:*:*:*:*:*:*:*:*
Vendors & Products Keyfactor
Keyfactor command
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 20 Aug 2024 14:15:00 +0000

Type Values Removed Values Added
Description Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-08-20T00:00:00

Updated: 2024-08-20T17:51:25.809Z

Reserved: 2024-04-27T00:00:00

Link: CVE-2024-33872

cve-icon Vulnrichment

Updated: 2024-08-20T17:51:19.082Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-08-20T14:15:08.750

Modified: 2024-08-20T18:35:05.357

Link: CVE-2024-33872

cve-icon Redhat

No data.