- Description
- Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
- Source
- psirt@arista.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.3
- Impact score
- 5.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
- Severity
- HIGH
- psirt@arista.com
- CWE-89
- Hype score
- Not currently trending
New post from https://t.co/uXvPWJy6tj (CVE-2024-9134 | Arista Edge Threat Management up to 17.1.1 sql injection) has been published on https://t.co/E33d9a9FFD
@WolfgangSesin
11 Jan 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-9134 Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowin… https://t.co/YbWEM1bvLi
@CVEnew
10 Jan 2025
447 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-9134: HIGH] Critical SQL Injection vulnerabilities found in the reporting app grant advanced users access to execute commands on the OS with elevated privileges. Prioritize security fixes now!#cybersecurity,#vulnerability https://t.co/m6tZhyT3ZX https://t.co/UE8xYgVLVT
@CveFindCom
10 Jan 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes