Overview
- Description
- A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function docHistory of the file /com/esafenet/servlet/fileManagement/FileDirectoryService.java. The manipulation of the argument fileId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Social media
- Hype score
- Not currently trending
🚨 CVE-2024-10594 (Published: 2024-10-31) - Critical vulnerability in ESAFENET #430050. Affects multiple versions. Immediate remediation is essential! For detailed insights and mitigation steps, visit: https://t.co/sRExebJULQ #CyberSecurity #VulnerabilityAlert #ESAFENET
@transilienceai
4 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10594 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Ensure your systems are updated to the latest patches to mitigate risks. For more details, visit: https://t.co/ivYE3XN9QP #CyberSecurity #VulnerabilityManagement #ESAFENET
@transilienceai
4 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10594 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Users are urged to update to the latest patch immediately to mitigate risks. For more details, check the link: https://t.co/3si1ozOy2w #CyberSecurity #VulnerabilityAlert
@transilienceai
4 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10594 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Users are urged to update to the latest release immediately to mitigate risks. For detailed remediation steps, visit: https://t.co/3si1ozOy2w #CyberSecurity #CVE
@transilienceai
4 Nov 2024
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10594 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Users are urged to update to the latest release to mitigate risks. For detailed remediation steps, check out the link: https://t.co/3si1ozOy2w #CyberSecurity #CVE
@transilienceai
4 Nov 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10594 Critical SQL Injection Vulnerability in ESAFENET CDG 5 Exploited A critical vulnerability is present in ESAFENET CDG 5. The issue affects the docHistory function in /com/esafenet/servlet/fileManage... https://t.co/boqjs68PCE
@VulmonFeeds
1 Nov 2024
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10594 A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function docHistory of the file /com/esafenet/servlet/fileManagement/… https://t.co/zP0w8dUOdZ
@CVEnew
31 Oct 2024
444 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:esafenet:cdg:5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94F213FF-17EB-4B99-9621-80792AD14A74"
}
],
"operator": "OR"
}
]
}
]