CVE-2024-1153 — MEDIUM (4.6)

Q: How severe is CVE-2024-1153?

CVE-2024-1153 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-1153?

Check the references section above for vendor advisories and patch information. Affected products include: Talyabilisim Travel Apps.

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel APPS: before v17.0.68.

CVSS Score

4.6

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Talyabilisim	Travel Apps	< 17.0.68

Related Weaknesses (CWE)

CWE-89

References

https://www.usom.gov.tr/bildirim/tr-24-0809Broken Link
https://www.usom.gov.tr/bildirim/tr-24-0809Broken Link

FAQ

What is CVE-2024-1153?

CVE-2024-1153 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Lev...

How severe is CVE-2024-1153?

CVE-2024-1153 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-1153?

Check the references section above for vendor advisories and patch information. Affected products include: Talyabilisim Travel Apps.