CVE-2024-6795
CVSS V2 None
CVSS V3 None
Description
In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database.
An attacker could have submitted a crafted payload to Connex portal that could have resulted in modification and disclosure of database content
and/or perform administrative operations including shutting down the database.
Overview
- CVE ID
- CVE-2024-6795
- Assigner
- Baxter
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-09T19:24:01.776Z
- Last Modified Date
- 2024-09-09T20:08:01.134Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-249-01 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-6795 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6795 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-09-10 13:06:27 | Added to TrackCVE |