N/A - CVE-2024-9971

Executive Summary

Informations
Name	CVE-2024-9971	First vendor Publication	2024-10-15
Vendor	Cve	Last vendor Modification	2024-10-17

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score	N/A	Attack Range	N/A
Cvss Impact Score	N/A	Attack Complexity	N/A
Cvss Expoit Score	N/A	Authentication	N/A
Calculate full CVSS 2.0 Vectors scores

Detail

The specific query functionality in the FlowMaster BPM Plus from NewType does not properly restrict user input, allowing remote attackers with regular privileges to inject SQL commands to read, modify, or delete database contents.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9971

CPE : Common Platform Enumeration

Type	Description	Count
Application	Newtype Flowmaster Bpm Plus cpe:2.3:a:newtype:flowmaster_bpm_plus::::::::	1

Sources (Detail)

https://www.twcert.org.tw/en/cp-139-8139-4daab-2.html
https://www.twcert.org.tw/tw/cp-132-8138-d2bb7-1.html

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-25 14:14:43	Multiple Updates
2024-10-18 00:27:45	Multiple Updates
2024-10-16 02:53:03	Multiple Updates
2024-10-16 02:53:02	Multiple Updates
2024-10-15 17:27:27	Multiple Updates
2024-10-15 09:27:27	First insertion