CVE-2024-6917

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 12, 2024

Updated: Aug 13, 2024

CWE ID 78

Summary

CVE-2024-6917 is a critical OS Command Injection vulnerability affecting the Veribase Order Management system before version 4.010.2. An attacker can exploit this vulnerability by improperly neutralizing special elements in an operating system command, leading to the execution of arbitrary commands. The impact of this issue includes potential unauthorized system access, data theft, and other serious consequences. Organizations using the affected version of Veribase Order Management are urged to apply the necessary patch or update as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xHKLfG
https://www.cve.org/CVERecord?id=CVE-2024-6917
https://nvd.nist.gov/vuln/detail/CVE-2024-6917

Back to Vulnerability Database

CVE-2024-6917

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations