First published: Thu Feb 03 2022(Updated: )
SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Unifiedoffice Total Connect Now | ||
CentOS CentOS | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-24121.
The severity of CVE-2022-24121 vulnerability is high with a severity value of 7.5.
The affected software is Unified Office Total Connect Now.
The CVE-2022-24121 vulnerability is a SQL Injection vulnerability that allows an attacker to extract sensitive information through a cookie parameter in Unified Office Total Connect Now.
Yes, you can find references for CVE-2022-24121 at the following links: [Link 1](https://unifiedoffice.com/total-connect-now/) and [Link 2](https://www.coresecurity.com/core-labs/advisories/unified-office-total-connect-sql-injection).