CVE-2022-24407

Description

A flaw was found in the SQL plugin shipped with Cyrus SASL. Failure to properly escape the SQL input allows a remote attacker to execute arbitrary SQL commands. This issue can lead to the escalation of privileges.

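As an added illustration, not code from Cyrus SASL or from this advisory: a small Python model of the defect class described above, an auxprop-style lookup that pastes an unescaped username into the statement, beside an escaped and a parameterized form. The table, column names and sample rows are constructed for the example and are not the plugin's real schema.

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for the auxprop store the plugin queries."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, realm TEXT, userPassword TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'example.com', 'secret')")
    return db


def lookup_unescaped(db, username, realm):
    """Vulnerable pattern: caller-supplied values are interpolated verbatim,
    so a single quote in the username ends the literal and everything after
    it is parsed as SQL rather than treated as data."""
    sql = ("SELECT userPassword FROM users WHERE username = '%s' "
           "AND realm = '%s'" % (username, realm))
    return [row[0] for row in db.execute(sql)]


def lookup_escaped(db, username, realm):
    """Mitigation for a plugin that must build the statement as a string:
    escape the input (here, double every single quote) before interpolating."""
    esc = lambda s: s.replace("'", "''")
    sql = ("SELECT userPassword FROM users WHERE username = '%s' "
           "AND realm = '%s'" % (esc(username), esc(realm)))
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, username, realm):
    """Preferred mitigation: bound parameters never re-enter the SQL parser."""
    sql = "SELECT userPassword FROM users WHERE username = ? AND realm = ?"
    return [row[0] for row in db.execute(sql, (username, realm))]


def unescaped_is_broken_by(db, username, realm):
    """Detection check: True when the input altered the statement's syntax
    in the unescaped path instead of being treated as a plain value.
    A legitimate name containing an apostrophe is enough to trigger it."""
    try:
        lookup_unescaped(db, username, realm)
        return False
    except sqlite3.OperationalError:
        return True


if __name__ == "__main__":
    db = make_db()
    print(lookup_parameterized(db, "alice", "example.com"))        # ['secret']
    print(unescaped_is_broken_by(db, "o'brien", "example.com"))     # True
    print(lookup_escaped(db, "o'brien", "example.com"))             # []
```

The same apostrophe that breaks the unescaped lookup is handled as data by both hardened forms, which is the property the fix for this flaw restores.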
Statement

This flaw affects versions of Cyrus SASL between 2.1.16 and 2.1.28.

Additional Information

  • Bugzilla 2055326: CVE-2022-24407 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
  • CWE-20->CWE-89: Improper Input Validation leads to Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • FAQ: Frequently asked questions about CVE-2022-24407