CVE-2024-45387
published 2024-12-23CVE-2024-45387: An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations"…
PriorityP271high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
41.84%
98.5th percentile
An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.
Users are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | traffic_control | >= 8.0.0 < 8.0.2 | 8.0.2 |
| apache_software_foundation | apache_traffic_control | 8.0.0 – 8.0.1 | — |
| github.com | apache_trafficcontrol_v8 | >= 8.0.0 < 8.0.2 | 8.0.2 |
Detection & IOCsextracted from sources · hover to see the quote
- →Check Point IPS signature available for this CVE: 'Apache Traffic Control SQL Injection (CVE-2024-45387)' ↗
- →Detect specially crafted HTTP PUT requests targeting Traffic Ops endpoints in Apache Traffic Control versions 8.0.0–8.0.1; SQL injection payloads delivered via PUT request body ↗
- →Monitor for privileged Traffic Ops user roles ('admin', 'federation', 'operations', 'portal', 'steering') issuing anomalous PUT requests that may contain SQL metacharacters or injection patterns ↗
- ·Vulnerability only affects Apache Traffic Control (Traffic Ops) versions 8.0.0 and 8.0.1; versions 7.x and below are NOT impacted ↗
- ·Exploitation requires a privileged authenticated user account; not exploitable by unauthenticated or low-privileged users ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
SQL injection in Apache Traffic Control in github.com/apache/trafficcontrol
osv·2025-01-07
CVE-2024-45387 SQL injection in Apache Traffic Control in github.com/apache/trafficcontrol
SQL injection in Apache Traffic Control in github.com/apache/trafficcontrol
SQL injection in Apache Traffic Control in github.com/apache/trafficcontrol
GHSA
SQL injection in Apache Traffic Control
ghsa·2024-12-23
CVE-2024-45387 [HIGH] CWE-89 SQL injection in Apache Traffic Control
SQL injection in Apache Traffic Control
An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.
Users are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.
OSV
SQL injection in Apache Traffic Control
osv·2024-12-23
CVE-2024-45387 [HIGH] SQL injection in Apache Traffic Control
SQL injection in Apache Traffic Control
An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.
Users are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.
No detection rules found.
No public exploits indexed.
Checkpoint
30th December – Threat Intelligence Report
blogs_checkpoint·2024-12-30·CVSS 9.8
CVE-2024-50623 [CRITICAL] 30th December – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 30th December – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 30th December, please download our Threat Intelligence Bulletin .
TOP ATTACKS AND BREACHES
The Clop ransomware gang exploited a zero-day vulnerability (CVE-2024-50623) in Cleo’s Secure File Transfer products and is extorting 66 companies following alleged data theft. The attackers have given the victims 48 hours to initiate ransom negotiations before publicly disclosing their identities. This incident mirrors
Bleepingcomputer
Apache warns of critical flaws in MINA, HugeGraph, Traffic Control
blogs_bleepingcomputer·2024-12-26·CVSS 9.8
CVE-2024-52046 [CRITICAL] Apache warns of critical flaws in MINA, HugeGraph, Traffic Control
## Apache warns of critical flaws in MINA, HugeGraph, Traffic Control
## Bill Toulas
The Apache Software Foundation has released security updates to address three severe problems that affect MINA, HugeGraph-Server, and Traffic Control products.
The vulnerabilities were patched in new software versions released between December 23 and 25. However, the holiday period may lead to a slower patching rate and increased risk of exploitation.
One of the bugs is tracked as CVE-2024-52046 and impacts MINA versions 2.0 through 2.0.26, 2.1 through 2.1.9, and 2.2 through 2.2.3. The issue received a critical severity score of 10 out of 10 from the Apache Software Foundation
Apache MINA is a network application framework that provides an abstraction layer for developing high-performance and scalable
2024-12-23
Published