CVE-2024-0971

CWE-89SQL Injection3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 68.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenable Nessus
Timeline
PublishedFeb 7

Description

A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5tenable/nessus< 10.7.0
NVDtenable/nessus< 10.7.0

🔴Vulnerability Details

2
GHSA
GHSA-2j63-x9pq-h9wc: A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content2024-02-07
CVEList
CVE-2024-0971: A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could potentially alter scan DB content2024-02-06
CVE-2024-0971 (MEDIUM CVSS 6.5) | A SQL injection vulnerability exist | cvebase.io