Lucene search
VmwareVULNRICHMENT:CVE-2024-22261HistoryJun 10, 2024 - 11:25 p.m.
CVE-2024-22261 SQL Injection in Harbor scan log API
2024-06-1023:25:32
CWE-566
vmware
github.com
4
cve-2024-22261
sql injection
harbor
privilege escalation
task ids leakage
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
AI Score
7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
SQL-Injection in Harbor allows priviledge users to leak the task IDs
CNA Affected
[
{
"repo": "https://github.com/goharbor",
"vendor": "Harbor",
"product": "Harbor",
"versions": [
{
"status": "affected",
"version": "2.8.1",
"versionType": "custom",
"lessThanOrEqual": "2.8.5"
},
{
"status": "affected",
"version": "2.9.0",
"versionType": "custom",
"lessThanOrEqual": "2.9.3"
},
{
"status": "affected",
"version": "2.10.0",
"versionType": "custom",
"lessThanOrEqual": "2.10.1"
}
],
"packageName": "Harbor",
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
CVE-2024-22261 SQL Injection in Harbor scan log API
2024-06-10 23:25:32
osv
osv
SQL Injection in Harbor scan log API in github.com/goharbor/harbor
2024-06-14 13:41:08
SQL Injection in Harbor scan log API
2024-06-02 22:32:40
veracode
veracode
SQL Injection
2024-06-05 06:50:49
nvd
nvd
CVE-2024-22261
2024-06-11 00:15:13
cve
cve
CVE-2024-22261
2024-06-11 00:15:13
github
github
SQL Injection in Harbor scan log API
2024-06-02 22:32:40
CVSS3
2.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
AI Score
7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-22261