exploitDog

CVE-2024-45199

Опубликовано: 03 апр. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

insightsoftware Hive JDBC through 2.6.13 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution.

Ссылки

https://gist.github.com/azraelxuemo/d019ad079d540ef28870dbd9552a7c62

EPSS

Процентиль: 50%

0.00274

Низкий

8.8 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-8m52-qhhm-24hg

CVSS3: 8.8

github

10 месяцев назад

insightsoftware Hive JDBC through 2.6.13 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution.

EPSS

Процентиль: 50%

0.00274

Низкий

8.8 High

CVSS3

Дефекты

CWE-94