Overview
- Description
- Improper neutralization of special elements used in SQL command in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
- Source
- secure@intel.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- secure@intel.com
- CWE-1336
Social media
- Hype score
- Not currently trending
CVE-2024-39766 SQL Injection Vulnerability in Intel Neural Compressor Pre-v3.0 Some versions of Intel(R) Neural Compressor software, before version v3.0, have an issue. They don't handle special elements in SQL c... https://t.co/HXxsNvYlNP
@VulmonFeeds
14 Nov 2024
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-39766 Improper neutralization of special elements used in SQL command in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to pot… https://t.co/jp9LRkEHFF
@CVEnew
13 Nov 2024
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes