Lucene search
HistoryMay 03, 2024 - 1:15 a.m.
CVE-2024-34031
delta electronics diaenergie
sql injection
handler_cfg.ashx
authenticated attacker
system compromise
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0
Percentile
9.0%
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed.
Related
cvelist
cvelist
CVE-2024-34031 SQL Injection vulnerability in Delta Electronics DIAEnergie
2024-05-03 00:18:13
vulnrichment
vulnrichment
CVE-2024-34031 SQL Injection vulnerability in Delta Electronics DIAEnergie
2024-05-03 00:18:13
cve
cve
CVE-2024-34031
2024-05-03 01:15:47
ics
ics
Delta Electronics DIAEnergie
2024-05-02 12:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-34031