- Description
- An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request. Users are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.
- Source
- security@apache.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
🚨 Apache released critical patches for Traffic Control, HugeGraph-Server, & Tomcat! Fixes include SQL injection (CVE-2024-45387) & RCE. Update ASAP to stay secure! 🔒 #CyberSecurity #Apache #infosecurity #NewYear #BugBounty https://t.co/7QAi1ZQHcr
@safeyourweb
5 Jan 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2024-45387 Alert! Exposor makes finding this vulnerability easier with @shodanhq , @zoomeye_team , @fofabot , & @censysio integration. Try Exposor: https://t.co/IfFbQmFHHg Detect the technology here: apache_traffic_control.yaml
@abuyv
2 Jan 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387❗️ An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 🔎Exploit: https://t.co/yHieTHVtjB 🔎 HUNTER: https://t.co/G5LwnS1NbE="Apache Traffic Server" 🔎 Fofa: product="APACHE-Traffic-Server" https://t.co/50ZbOR29j3
@HackingTeam777
1 Jan 2025
1003 Impressions
11 Retweets
29 Likes
12 Bookmarks
0 Replies
0 Quotes
exploit-dev/CVE-2024-45387-PoC.py at main · aufzayed/exploit-dev · GitHub https://t.co/PF8LTF4nFB
@akaclandestine
31 Dec 2024
763 Impressions
2 Retweets
4 Likes
3 Bookmarks
0 Replies
0 Quotes
exploit-dev/CVE-2024-45387-PoC.py at main · aufzayed/exploit-dev · GitHub https://t.co/PF8LTF3PQ3
@akaclandestine
31 Dec 2024
632 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
CRITICAL security flaw (CVE-2024-45387) in Apache Traffic Control allows SQL injection. Update to 8.0.2 ASAP! #ApacheTrafficControl #SQLInjection #Cybersecurity https://t.co/uIlp69J3sK
@TLDRStories
30 Dec 2024
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VULNERABILITIES AND PATCHES A critical SQL injection vulnerability (CVE-2024-45387), rated 9.9 on the CVSS scale, has been identified in Apache Traffic Control versions 8.0.0 and 8.0.1.
@archie_sham
30 Dec 2024
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Exploit Code released for Apache Traffic Control Flaw CVE-2024-45387 #ApacheTrafficControl #CVE-2024-45387 #ExploitCode https://t.co/Cwhfxhtlrq
@pravin_karthik
30 Dec 2024
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387: Critical SQLi in Apache Traffic Control (v8.0.0-8.0.1). PoC out. Risk: High. Impact: DB control. TTP: T1190. #infosec #cyber #security https://t.co/QECwoG9kgU
@gothburz
30 Dec 2024
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387: Apache Traffic Control'deki Kritik SQL Enjeksiyon Açığına Yönelik PoC Yayınlandı https://t.co/Uob3l1u2AP
@cyberwebeyeos
30 Dec 2024
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387: PoC Published for Critical SQL Injection in Apache Traffic Control https://t.co/e9YHvKF78w
@Dinosn
30 Dec 2024
2392 Impressions
6 Retweets
24 Likes
11 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387: PoC Published for Critical SQL Injection in Apache Traffic Control With a PoC exploit already circulating and a near-perfect CVSS score, CVE-2024-45387 is a significant threat to organizations using Apache Traffic Control https://t.co/zL3HbsWhvH
@the_yellow_fall
30 Dec 2024
331 Impressions
3 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes
2/10 CVE-2024-45387 allows privileged users to execute arbitrary SQL commands with a crafted PUT request. Severity 9.9! #HighRisk #SecurityVulnerabilities
@Eth1calHackrZ
28 Dec 2024
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
1/10 ⚠️ Urgent Alert! Critical SQL Injection Vulnerability in Apache Traffic Control (CVE-2024-45387). Update to version 8.0.2 now! #CyberSecurity #ApacheTrafficControl #SQLInjection
@Eth1calHackrZ
28 Dec 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387 (CVSS:9.9, CRITICAL) is Awaiting Analysis. An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with..https://t.co/oull4U3RvH #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mit
@cracbot
28 Dec 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ مستخدمي Apache Traffic Control- تم العثور على عيب في حقن SQL (CVE-2024-45387)، مما يتيح للمهاجمين تنفيذ الأوامر مباشرة في قاعدة البيانات الخاصة بك. يمكن استغلال هذا الخلل بسهولة عن طريق إرسال طلب PUT معد خصيصًا. (1/2)
@CERT_Arabic
27 Dec 2024
21 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
#Vulnerability #ApacheTrafficControl CVE-2024-45387 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Apache Traffic Control https://t.co/1jIVWBB22A
@Komodosec
27 Dec 2024
36 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387 (CVSS:9.9, CRITICAL) is Awaiting Analysis. An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with..https://t.co/oull4U3RvH #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mit
@cracbot
27 Dec 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387: Apache Traffic Control SQL Injection #cybersecurity #trending #breakingnews #latest #news https://t.co/sCYeTVmT8T
@cyashadotcom
26 Dec 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commands: https://t.co/I4YJHCMJL5 A critical SQL injection vulnerability, CVE-2024-45387, has been found in Apache Traffic Control versions 8.0.0 to 8.0.1, with a CVSS score of 9.9. It allows privileged… htt
@securityRSS
26 Dec 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387 | Apache Traffic Control'da Kritik SQL Injection https://t.co/saTM2xVNpF
@SiberWebTR
26 Dec 2024
0 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical SQL injection vulnerability (CVE-2024-45387) has been found in Apache Traffic Control, scoring 9.9 on CVSS. Users should upgrade to version 8.0.2 to protect sensitive data. 🛡️ #DataProtection #ApacheTraffic #CybersecurityNews link: https://t.co/rCtK1JT4M0 https://t.c
@TweetThreatNews
26 Dec 2024
51 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-53961 2 - CVE-2024-9474 3 - CVE-2024-30085 4 - CVE-2024-45387 5 - CVE-2024-12744 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 Dec 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨CVE-2024-45387 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Apache Traffic Control 📊 365k+ Services are found on https://t.co/ysWb28BTvF yearly. 🔗Hunter Link: https://t.co/uDNjdMcd6M 👇Query HUNTER :/product.name="Apache Traffic Server" FOFA :… https://t.c
@HunterMapping
26 Dec 2024
3766 Impressions
18 Retweets
63 Likes
22 Bookmarks
0 Replies
0 Quotes
Apache Traffic Control SQL Injection PoC Exploit (CVE-2024-45387) In collaboration with @Mohamed_A_R_1 PoC Link: https://t.co/Dj9je13RcX #Infosec #Cybersecurity #BugBounty #Exploit #Zeroday https://t.co/p3KziqJpJM
@aufzayed
26 Dec 2024
3761 Impressions
10 Retweets
94 Likes
43 Bookmarks
1 Reply
1 Quote
Apache Traffic Controlに重大なSQLインジェクションの脆弱性(CVE-2024-45387、CVSS 9.9) https://t.co/31yvlrGBoU #izumino_trend
@sec_trend
26 Dec 2024
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Apache Software Foundation released security updates to address a critical security vulnerability, tracked as CVE-2024-45387 (CVSS score 9.9), in Traffic Control. https://t.co/p7RUnQ1Zve #Apache #vulnerability #critical #cve #CybersecurityNews #cybersecurity #threatresq
@ThreatResq
26 Dec 2024
62 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Apache Traffic Controlに重大なSQLインジェクションの脆弱性(CVE-2024-45387、CVSS 9.9) 〜サイバーアラート 12月26日〜 https://t.co/uai58w10AZ #セキュリティ #インテリジェンス #OSINT
@MachinaRecord
26 Dec 2024
116 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical SQL injection vulnerability, identified as CVE-2024-45387, has been discovered in Apache Traffic Control, a widely used open-source platform for managing large-scale content delivery networks (CDNs)#SQL #Database #CDNs #TechInnovation #Technews #CyberSecurityAwareness
@techaniruddh
25 Dec 2024
66 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Apache Traffic Control users—an SQL injection flaw (CVE-2024-45387) has been found, enabling attackers to execute commands directly in your database. This flaw is easily exploitable by sending a specially crafted PUT request.
@SamTechwest
25 Dec 2024
109 Impressions
0 Retweets
3 Likes
1 Bookmark
1 Reply
0 Quotes
⚠️ Apache Traffic Control users—an SQL injection flaw (CVE-2024-45387) has been found, enabling attackers to execute commands directly in your database. This flaw is easily exploitable by sending a specially crafted PUT request. https://t.co/icHW3EyNvK
@SamTechwest
25 Dec 2024
70 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Traffic Control 管理ツールにおけるSQLインジェクション脆弱性(CVE-2024-45387)CVSS 9.9 Critical について この脆弱性を悪用するには、以下の特権を持つユーザーが該当します。 "admin"、"federation"、"operations"、"portal"、"steering" 8.0.2へのアップグレードが推奨されています。 https://t.co/MS3EuF5yU2
@t_nihonmatsu
25 Dec 2024
303 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ Apache Traffic Control users—an SQL injection flaw (CVE-2024-45387) has been found, enabling attackers to execute commands directly in your database. This flaw is easily exploitable by sending a specially crafted PUT request. 🔧 How to act now: » Update to version 8.0.2
@Cyberwald_talks
25 Dec 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387 Critical Bug in Apache Traffic Control #ApacheTrafficControl #CVE-2024-45387 https://t.co/KdbSIt0URt
@pravin_karthik
25 Dec 2024
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Apache Traffic Control https://t.co/qXVBZYOMbQ
@Dinosn
25 Dec 2024
3871 Impressions
12 Retweets
46 Likes
9 Bookmarks
1 Reply
0 Quotes
⚠️ Apache Traffic Control users—an SQL injection flaw (CVE-2024-45387) has been found, enabling attackers to execute commands directly in your database. This flaw is easily exploitable by sending a specially crafted PUT request. 🔧 How to act no... https://t.co/vxxFrwD3Pk
@IT_news_for_all
25 Dec 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Apache Traffic Control users—an SQL injection flaw (CVE-2024-45387) has been found, enabling attackers to execute commands directly in your database. This flaw is easily exploitable by sending a specially crafted PUT request. 🔧 How to act now: » Update to version 8.0.2… htt
@TheHackersNews
25 Dec 2024
17300 Impressions
38 Retweets
86 Likes
23 Bookmarks
1 Reply
7 Quotes
CVE-2024-45387: Apache Traffic Control’da Kritik SQL Enjeksiyonu Açığı https://t.co/BqmtRCP5Ct
@cyberwebeyeos
25 Dec 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2024-45387 (CVSS: 9.9) : Critical SQL Injection Vulnerability Found in Apache Traffic Control ⚠️This flaw could allow attackers to execute malicious SQL code, potentially compromising sensitive data and disrupting critical services. Search for Apache Traffic aplication.…
@zoomeye_team
25 Dec 2024
410 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🗣 CVE-2024-45387 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Apache Traffic Control https://t.co/f4B0ao6Qv4
@fridaysecurity
25 Dec 2024
75 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Apache Traffic Control Stay informed about the critical security flaw in Apache Traffic Control. Learn how this vulnerability could compromise data and disrupt services. https://t.co/Lq5xXqjpyp
@the_yellow_fall
25 Dec 2024
392 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE Alert: CVE-2024-45387 - https://t.co/JGGxt9HSmR #OSINT #ThreatIntel #CyberSecurity #cve_2024_45387
@RedPacketSec
24 Dec 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387 SQL Injection Vulnerability in Apache Traffic Control Traffic Ops In Apache Traffic Control versions up to 8.0.1 and starting from 8.0.0, Traffic Ops has an SQL injection vulnerability. Users with ... https://t.co/Wo9X4b71iA
@VulmonFeeds
23 Dec 2024
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-45387: CRITICAL] SQL injection vulnerability in Apache Traffic Control <=8.0.1, >=8.0.0 allows admin users to execute arbitrary SQL. Upgrade to version 8.0.2 for protection. #cybersecurity#cybersecurity,#vulnerability https://t.co/1GadsuEZvN https://t.co/liJTCepNt
@CveFindCom
23 Dec 2024
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-45387 An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role "admin", "federation", "operations", "po… https://t.co/19N0EVupV1
@CVEnew
23 Dec 2024
269 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:traffic_control:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6AE68C0-8A9B-48D1-8CE5-F10D4D9A6D55",
"versionEndExcluding": "8.0.2",
"versionStartIncluding": "8.0.0"
}
],
"operator": "OR"
}
]
}
]