SQL Injection Vulnerability in JeecgBoot by Jeecg
CVE-2021-46089

9.8CRITICAL

Key Information:

Vendor

Jeecg

Vendor
CVE Published:
25 January 2022

What is CVE-2021-46089?

JeecgBoot version 3.0 exposes a SQL injection vulnerability that enables attackers to interact with the database using root privileges. This critical flaw can lead to unauthorized access and manipulation of data, posing a significant risk to sensitive information. It is essential for users of JeecgBoot to implement necessary security measures to mitigate this vulnerability, such as updating to patched versions and monitoring database access closely.

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2021-46089 : SQL Injection Vulnerability in JeecgBoot by Jeecg