5 matches found
K000149289: Apache Traffic Control vulnerability CVE-2024-45387
Security Advisory Description An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request...
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
The Apache Software Foundation ASF has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language SQL commands in the database. The SQL injection vulnerability, tracked as...
CVE-2024-45387
creationtimestamp| type| source ---|---|--- 2024-12-23 18:20:06+00:00| seen| https://t.me/cvedetector/13540 2024-12-25 10:30:58+00:00| seen| https://bsky.app/profile/bolhasec.com/post/3le4qwtmp262a 2024-12-25 12:30:00+00:00| seen|...
CVE-2024-45387
An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request. Users are recommended to upgrad...
CVE-2024-45387 Apache Traffic Control: SQL Injection in Traffic Ops endpoint PUT deliveryservice_request_comments
An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request. Users are recommended to upgrad...