CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-9194

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Linux and Microsoft Windows Octopus Server on Windows, Linux allows SQL Injection.This issue affects Octopus Server: from 2024.1.0 before 2024.1.13038, from 2024.2.0 before 2024.2.9482, from 2024.3.0 before 2024.3.12766.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.0%

CVSS Severity

CVSS v3 Score 9.8

References

https://advisories.octopus.com/post/2024/sa2024-09/

Products affected by CVE-2024-9194

Octopus » Octopus Server » Version: 2024.1.11127

cpe:2.3:a:octopus:octopus_server:2024.1.11127
Octopus » Octopus Server » Version: 2024.1.12087

cpe:2.3:a:octopus:octopus_server:2024.1.12087
Octopus » Octopus Server » Version: 2024.1.12759

cpe:2.3:a:octopus:octopus_server:2024.1.12759
Octopus » Octopus Server » Version: 2024.1.12931

cpe:2.3:a:octopus:octopus_server:2024.1.12931
Octopus » Octopus Server » Version: 2024.1.437

cpe:2.3:a:octopus:octopus_server:2024.1.437
Octopus » Octopus Server » Version: 2024.2.101

cpe:2.3:a:octopus:octopus_server:2024.2.101
Octopus » Octopus Server » Version: 2024.2.2075

cpe:2.3:a:octopus:octopus_server:2024.2.2075
Octopus » Octopus Server » Version: 2024.2.9193

cpe:2.3:a:octopus:octopus_server:2024.2.9193
Octopus » Octopus Server » Version: 2024.2.9313

cpe:2.3:a:octopus:octopus_server:2024.2.9313
Octopus » Octopus Server » Version: 2024.3.164

cpe:2.3:a:octopus:octopus_server:2024.3.164
Linux » Linux Kernel » Version: N/A

cpe:2.3:o:linux:linux_kernel:-
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-9194

Products

Pricing

Contact Us