SQL Injection Vulnerability in CoreCollaboration by Apple
CVE-2014-4424

Currently unrated

Key Information:

Vendor: Apple
Status: Os X Server
Vendor: CVE Published:; 19 September 2014

What is CVE-2014-4424?

An SQL injection flaw exists in CoreCollaboration on Apple OS X Server, which allows remote attackers to leverage unspecified vectors to execute arbitrary SQL commands. This can lead to unauthorized access to sensitive data and potential compromise of the server's integrity, highlighting the importance of prompt updates and security measures.

References

http://support.apple.com/kb/HT6448

x_refsource_CONFIRM

http://archives.neohapsis.com/archives/bugtraq/2014-10/01...

vendor-advisoryx_refsource_APPLE

https://exchange.xforce.ibmcloud.com/vulnerabilities/96048

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2014
Vulnerability Reserved
Jun 20, 2014