How severe is CVE-2022-24691?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2022-24691?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2022-24691

HIGH Year: 2022

CVSS v3 Score

7.1

High

Weakness Type

CWE-89

View all →

Vulnerability Description

An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A SQL Injection vulnerability allows authenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based.

CVE-2016-1393

HIGH

CVSS:7.1(High)

SQL injection vulnerability in Cisco Cloud Network Automation Provisioner (CNAP) 1.0 and 1.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy7217...

CWE-892016

CVE-2016-9992

HIGH

CVSS:7.1(High)

IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or d...

CWE-892016

CVE-2016-9993

HIGH

CVSS:7.1(High)

CWE-892016

CVE-2016-9994

HIGH

CVSS:7.1(High)

CWE-892016

CVE-2020-14349

HIGH

CVSS:7.1(High)

It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in a...

CWE-892020

CVE-2020-15108

HIGH

CVSS:7.1(High)

In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. This has been fixed in 9.5.1.

CWE-892020

CVE-2022-24691

Vulnerability Description

Related Vulnerabilities

CVE-2016-1393

CVE-2016-9992

CVE-2016-9993

CVE-2016-9994

CVE-2020-14349

CVE-2020-15108