CVE-2023-3377

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 23, 2023

Updated: Nov 30, 2023

CWE ID 89

Summary

CVE-2023-3377 is a significant SQL Injection vulnerability affecting Veribilim Software's Computer Veribase through November 2023. The flaw stems from the software's failure to neutralize special elements in SQL commands, rendering it susceptible to malicious SQL injection attacks. Notably, the vendor was contacted regarding this disclosure but did not respond, increasing the urgency for affected organizations to take action to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/th34MC
https://www.cve.org/CVERecord?id=CVE-2023-3377
https://nvd.nist.gov/vuln/detail/CVE-2023-3377

Back to Vulnerability Database

CVE-2023-3377

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations