CVE-2024-0985 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-0985 PUBLISHED CVSS 8 HIGH

An attacker can provide untrusted materialized views and lure a high privileged authorized user to inadvertently execute arbitrary SQL functions by refreshing the attacker's materialized view.

EPSS 0.77% · 73.5th percentile

Risk Scores

CVSS v3.1

8

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C

EPSS Score

0.77%

73.5th percentile

Affected Products

Vendor	Product	Versions
ABB	ABB Ability™ Symphony® Plus S+ Engineering 2.3 RU2
ABB	ABB Ability™ Symphony® Plus S+ Engineering 2.3
ABB	ABB Ability™ Symphony® Plus S+ Engineering 2.2
ABB	ABB Ability™ Symphony® Plus S+ Engineering 2.4
ABB	ABB Ability™ Symphony® Plus S+ Engineering 2.4 SP2
ABB	ABB Ability™ Symphony® Plus S+ Engineering 2.4 SP1
ABB	ABB Ability™ Symphony® Plus S+ Engineering 2.3 RU3
ABB	ABB Ability™ Symphony® Plus S+ Engineering 2.3 RU1

Timeline

Feb 8, 2024 EPSS Score
Feb 8, 2024 CVE Published
Mar 6, 2024 EPSS Score
Apr 1, 2024 EPSS Score
May 24, 2024 EPSS Score
Jun 20, 2024 EPSS Score
Jul 17, 2024 EPSS Score
Aug 16, 2024 EPSS Score
Sep 12, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Nov 4, 2024 EPSS Score
Nov 30, 2024 EPSS Score

References

Open in Interactive Console →