CVE-2024-23843

LOW

Genians Genian NAC <5.0.60 - SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Genians Genian NAC V5.0, Genians Genian NAC LTS V5.0.This issue affects Genian NAC V5.0: from V5.0.0 through V5.0.60; Genian NAC LTS V5.0: from 5.0.0 LTS through 5.0.55 LTS(Revision 125558), from 5.0.0 LTS through 5.0.56 LTS(Revision 125560).

References (1)

Core 1

Scores

CVSS v3 2.2
EPSS 0.0025
EPSS Percentile 15.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (3)
Genians/Genian NAC LTS V5.0 5.0.0 LTS - 5.0.55 LTS(Revision 125558)
Genians/Genian NAC LTS V5.0 5.0.0 LTS - 5.0.56 LTS(Revision 125560)
Genians/Genian NAC V5.0 V5.0.0 - V5.0.60
Published Oct 28, 2024
Tracked Since Feb 18, 2026