How severe is CVE-2024-38889?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.6 out of 10.

What type of vulnerability is CVE-2024-38889?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2024-38889

CRITICAL Year: 2024

CVSS v3 Score

9.6

Critical

Weakness Type

CWE-89

View all →

Vulnerability Description

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of special elements used in an SQL command.

CVE-2022-0153

CRITICAL

CVSS:9.6(Critical)

SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1.

CWE-892022

CVE-2022-1883

CRITICAL

CVSS:9.6(Critical)

SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.

CWE-892022

CVE-2023-39336

CRITICAL

CVSS:9.6(Critical)

An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve o...

CWE-892023

CVE-2024-29822

CRITICAL

CVSS:9.6(Critical)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

CWE-892024

CVE-2024-29823

CRITICAL

CVSS:9.6(Critical)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

CWE-892024

CVE-2024-29824

CRITICAL

CVSS:9.6(Critical)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

CWE-892024

CVE-2024-38889

Vulnerability Description

Related Vulnerabilities

CVE-2022-0153

CVE-2022-1883

CVE-2023-39336

CVE-2024-29822

CVE-2024-29823

CVE-2024-29824