Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:3 a.m.8 views

CVE-2024-48890

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook...

8.8CVSS7.5AI score0.01098EPSS
Exploits0References1
OSV
OSV
added 2025/01/14 2:15 p.m.3 views

CVE-2024-48890

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook...

8.8CVSS5.9AI score0.01098EPSS
Exploits0References1
NVD
NVD
added 2025/01/14 2:15 p.m.16 views

CVE-2024-48890

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook...

8.8CVSS0.01098EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 2:9 p.m.11 views

CVE-2024-48890

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook...

6.6CVSS0.01098EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/14 2:9 p.m.11 views

CVE-2024-48890

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook...

6.6CVSS6.8AI score0.01098EPSS
Exploits0References1
CVE
CVE
added 2025/01/14 2:9 p.m.56 views

CVE-2024-48890

FortiSOAR IMAP connector (versions ≤ 3.5.7) is affected by an OS Command Injection (CWE-78) due to improper neutralization of special elements in commands. An authenticated attacker could execute unauthorized code or commands via a specially crafted playbook. Remediation: upgrade FortiSOAR IMAP c...

8.8CVSS6.8AI score0.01098EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder