PT-2026-20901 · Delinea · Delinea Cloud Suite
Jess Parker
+1
·
Published
2026-02-19
·
Updated
2026-02-23
·
CVE-2026-2409
CVSS v4.0
9.3
Critical
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N |
Name of the Vulnerable Software and Affected Versions
Delinea Cloud Suite versions prior to 25.2 HF1
Description
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability exists in Delinea Cloud Suite, allowing argument injection. The issue affects the application's handling of SQL queries, potentially allowing an attacker to manipulate database operations.
Recommendations
Update Delinea Cloud Suite to version 25.2 HF1 or later.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Delinea Cloud Suite