CVE-2024-7477

MEDIUM Year: 2024
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-89
View all →

Vulnerability Description

A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer support.

Related Vulnerabilities

CVE-2020-3184

MEDIUM
CVSS:6.7(Medium)

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected s...

CWE-892020

CVE-2022-0362

MEDIUM
CVSS:6.7(Medium)

SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.

CWE-892022

CVE-2023-0620

MEDIUM
CVSS:6.7(Medium)

HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL (MSSQL) Database Storage Backend. When configuring the M...

CWE-892023

CVE-2023-1578

MEDIUM
CVSS:6.7(Medium)

SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.19.

CWE-892023

CVE-2023-46806

MEDIUM
CVSS:6.7(Medium)

An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database.

CWE-892023

CVE-2023-46807

MEDIUM
CVSS:6.7(Medium)

An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database.

CWE-892023