Overview
- Description
- Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
- Source
- secure@intel.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 8.6
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- secure@intel.com
- CWE-89
Social media
- Hype score
- Not currently trending
CVE-2024-39368 SQL Injection Vulnerability in Intel Neural Compressor Pre-v3.0 Before version v3.0, some Intel(R) Neural Compressor software has an SQL Injection vulnerability. This happens because special elemen... https://t.co/IcoOupbyOx
@VulmonFeeds
14 Nov 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-39368: HIGH] Beware! Intel Neural Compressor software v3.0 and before may be vulnerable to SQL Injection attacks. Upgrade to prevent privilege escalation. #cybersecurity#cybersecurity,#vulnerability https://t.co/Lmvy9naZob https://t.co/pqMt9dTmee
@CveFindCom
13 Nov 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes