Overview
- Description
- A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- cna@vuldb.com
- CWE-89
Social media
- Hype score
- Not currently trending
🚨 CVE-2024-10596 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Users are urged to update to the latest patch immediately to mitigate risks. For detailed remediation steps, visit: https://t.co/yMjLIU86ks #CyberSecurity #CVE
@transilienceai
4 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-10596 (Published: 2024-10-31) - A critical vulnerability in ESAFENET affects multiple versions. Users are urged to update to the latest patched version immediately to mitigate risks. For more details, check the link: https://t.co/yMjLIU86ks #CyberSecurity #CVE
@transilienceai
4 Nov 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10596 Critical Remote SQL Injection in ESAFENET CDG 5 Disclosed Publicly A serious problem was found in ESAFENET CDG 5. It's a critical issue in the function delEntryptPolicySort in the file /com/esafene... https://t.co/28V1DPGEST
@VulmonFeeds
1 Nov 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10596 A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/serv… https://t.co/0a6RUEMjHW
@CVEnew
31 Oct 2024
498 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:esafenet:cdg:5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94F213FF-17EB-4B99-9621-80792AD14A74"
}
],
"operator": "OR"
}
]
}
]