CVE-2024-39368

Summary

Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

Affected Software

VendorProductVersion RangeStatus
n/aIntel(R) Neural Compressor softwarebefore version v3.0affected

Weaknesses

  • escalation of privilege
  • CWE-89: Improper neutralization of special elements used in an SQL command ('SQL Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References