CVE-2024-9678

Name of the Vulnerable Software and Affected Versions DLP Extension version 11.11.1.3

Description A vulnerability existed that allowed an attacker to perform arbitrary SQL queries, potentially leading to command execution. This issue was related to an SQL Injection vulnerability.

Recommendations For DLP Extension version 11.11.1.3, consider disabling or restricting access to the SQL query functionality until a patch is available. As a temporary workaround, restrict the ability to execute arbitrary SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.