exploitDog

CVE-2024-34032

Опубликовано: 03 мая 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed.

Ссылки

https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-02
US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-02
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:deltaww:diaenergie:1.10.00.005:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00782

Низкий

8.8 High

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-w3w9-w55m-2gwf

CVSS3: 8.8

github

почти 2 года назад

Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed.

EPSS

Процентиль: 73%

0.00782

Низкий

8.8 High

CVSS3

Дефекты

CWE-89