CVE-2024-49588

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Nov 21, 2024

CWE ID 89

Summary

CVE-2024-49588: Oracle's `oracle-sidecar` versions 0.347.0 to 0.543.0 contain multiple SQL injection vulnerabilities in various endpoints. Attackers can exploit these weaknesses by inputting malicious SQL queries, potentially gaining unauthorized access or performing unintended database actions. This issue poses a significant risk, especially in environments that rely on the `oracle-sidecar` for critical operations. Users are advised to upgrade to the latest version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/zjxEDU
https://www.cve.org/CVERecord?id=CVE-2024-49588
https://nvd.nist.gov/vuln/detail/CVE-2024-49588

Back to Vulnerability Database

CVE-2024-49588

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations