Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:4 a.m.6 views

CVE-2024-51165

SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

7.5CVSS7.6AI score0.00591EPSS
Exploits1References1
NVD
NVD
added 2024/12/10 8:15 p.m.25 views

CVE-2024-51165

SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

7.5CVSS0.00591EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/12/10 12:0 a.m.9 views

CVE-2024-51165

SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

7.4AI score0.00591EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/12/10 12:0 a.m.28 views

CVE-2024-51165

SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

0.00591EPSS
Exploits1References2
CVE
CVE
added 2024/12/10 12:0 a.m.68 views

CVE-2024-51165

The CVE-2024-51165 issue affects JEPAAS version 7.2.8. A SQL injection vulnerability exists in the /je/rbac/rbac/loadLoginCount endpoint, exploitable through the dateVal parameter to submit a crafted query and exfiltrate all database information. This is documented in Red Hat and NVD entries, whi...

7.5CVSS7.5AI score0.00591EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder