mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
90 lines
3.2 KiB
JSON
90 lines
3.2 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-12706",
|
|
"ASSIGNER": "security@opentext.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText\u2122 Digital Asset Management. T\n\nhe vulnerability could allow an authenticated user to run arbitrary SQL commands on the underlying database. \n\nThis issue affects Digital Asset Management.: through 24.4."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
|
|
"cweId": "CWE-89"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "OpenText\u2122",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Digital Asset Management.",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "0",
|
|
"version_value": "24.4"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0840263",
|
|
"refsource": "MISC",
|
|
"name": "https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0840263"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.2.0"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0840263\">Support articles, alerts & useful tools - SQL Injection vulnerability discovered in OpenText\u2122 Digital Asset Management.</a>\n\n<br>"
|
|
}
|
|
],
|
|
"value": "Support articles, alerts & useful tools - SQL Injection vulnerability discovered in OpenText\u2122 Digital Asset Management. https://support.opentext.com/csm"
|
|
}
|
|
],
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Joe Haskins, Edgescan"
|
|
}
|
|
]
|
|
} |