CVE
CVE-2022-24407
| CVE ID |
CVE-2022-24407
|
|---|---|
| CVSS Score |
6.5
|
| Operating System | |
| Affected Versions |
CentOS 6
|
| Patched Versions |
cyrus-sasl-2.1.23-15_ol001.el6.2
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary :
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.