CVE-2024-4228

Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor, CWE - 522 - Insufficiently Protected Credentials vulnerability in Magarsus Consultancy SSO (Single Sign On) allows SQL Injection.

This issue affects SSO (Single Sign On): from 1.0 before 1.1.

Affected Software

VendorProductVersion RangeStatus
Magarsus ConsultancySSO (Single Sign On)1.0 < 1.1affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor
  • CWE - 522 - Insufficiently Protected Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References