Lucene search
HistoryMay 03, 2024 - 1:15 a.m.
CVE-2024-34032
delta electronics diaenergie
sql injection
getdiacloudlist
authenticated attacker
system compromise
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0
Percentile
9.0%
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed.
Related
vulnrichment
vulnrichment
CVE-2024-34032 SQL Injection in Delta Electronics DIAEnergie
2024-05-03 00:16:40
cve
cve
CVE-2024-34032
2024-05-03 01:15:48
cvelist
cvelist
CVE-2024-34032 SQL Injection in Delta Electronics DIAEnergie
2024-05-03 00:16:40
ics
ics
Delta Electronics DIAEnergie
2024-05-02 12:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-34032