CVE-2022-24407 vulnerability in Cyrusimap and Other Products
Published on February 24, 2022

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2022-24407

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-24407 are published in these products:

Cyrusimap Cyrus Sasl

Debian Linux

Fedora Project Fedora

NetApp Ontap Select Deploy Administration Utility

NetApp Active Iq Unified Manager

Oracle Communications Cloud Native Core Security Edge Protection Proxy

Oracle Communications Cloud Native Core Console

Oracle Communications Cloud Native Core Network Function Cloud Native Environment

Exploit Probability

EPSS

0.88%

Percentile

74.96%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-24407 vulnerability in Cyrusimap and Other ProductsPublished on February 24, 2022

Products Associated with CVE-2022-24407

Exploit Probability

CVE-2022-24407 vulnerability in Cyrusimap and Other Products
Published on February 24, 2022