Overview
- Description
- A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delFile/delDifferCourseList of the file /com/esafenet/servlet/ajax/PublicDocInfoAjax.java. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- cna@vuldb.com
- CWE-89
Social media
- Hype score
- Not currently trending
🚨 CVE-2024-10595 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Ensure your systems are updated to the latest patches to mitigate risks. For detailed remediation steps, visit: https://t.co/sHwhJfdn70 #CyberSecurity… https://t.co/9dD1Pfg
@transilienceai
4 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10595 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Users are urged to update to the latest patched version immediately to mitigate risks. For more details, visit: https://t.co/sHwhJfdn70 #CyberSecurity #Vulnerability… https
@transilienceai
4 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10595 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Ensure your systems are updated to the latest patches to mitigate risks. For detailed remediation steps, visit: https://t.co/kOGTaxxQD0 #CyberSecurity… https://t.co/h8mVQS4
@transilienceai
4 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10595 A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delFile/delDifferCourseList of the file … https://t.co/UmBd6D3Yvz
@CVEnew
31 Oct 2024
430 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:esafenet:cdg:5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94F213FF-17EB-4B99-9621-80792AD14A74"
}
],
"operator": "OR"
}
]
}
]