CVE-2024-55971

Sažetak

SQL Injection vulnerability in the default configuration of the Logitime WebClock application <= 5.43.0 allows an unauthenticated user to run arbitrary code on the backend database server.

Reference

https://en.logitime.com/time-attendance/
https://nl.logitime.com/
https://nl.logitime.com/download/webclock-v5-43-0-13-12-2024/
https://tulling.dev/disclosures/cve-2024-55971/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

23-01-2025 - 16:15

Objavljeno

23-01-2025 - 16:15