CVE-2024-2865

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 25, 2024

CWE ID 89

Summary

CVE-2024-2865 is an SQL Injection vulnerability affecting Mergen Software's Quality Management System up to version 25032024. An attacker can exploit this issue by neutralizing special elements in SQL commands in a way that allows SQL Injection, potentially leading to unauthorized data access or manipulation. This vulnerability poses a significant security risk and requires immediate attention and patching from system administrators. Organizations using the affected software version are advised to implement security measures and upgrade to a patched version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vB0H2V
https://www.cve.org/CVERecord?id=CVE-2024-2865
https://nvd.nist.gov/vuln/detail/CVE-2024-2865

Back to Vulnerability Database

CVE-2024-2865

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations