CVE-2023-37361

CVSS 3.1 Score 2.7 of 10 (low)

Details

Published Jul 25, 2023

Updated: Jul 31, 2023

CWE ID 89

Summary

CVE-2023-37361 is a vulnerability affecting REDCap 12.0.26 LTS and 12.3.2 Standard. This issue enables SQL injection attacks through several entry points, including scheduling, repeatforms, purpose, app_title, and randomization. An attacker can exploit this vulnerability to execute malicious SQL queries, potentially leading to unauthorized data access or manipulation, making it crucial for REDCap users to update their systems to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Vanderbilt Redcap

Affected Vendors

Vanderbilt

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r1hhN1
https://www.cve.org/CVERecord?id=CVE-2023-37361
https://nvd.nist.gov/vuln/detail/CVE-2023-37361

Back to Vulnerability Database