CVE-2024-46542

Name of the Vulnerable Software and Affected Versions Veritas / Arctera Data Insight versions prior to 7.1.1

Description The issue allows Application Administrators to conduct SQL injection attacks, potentially leading to information disclosure. This is due to improper neutralization of special elements used in an SQL command.

Recommendations For versions prior to 7.1.1, update to version 7.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive SQL commands or disabling the ability for Application Administrators to execute SQL queries until a patch is applied.