SQL injection in a cloud solution used by Swiss telecommunication service providers allowed an attacker to execute arbitrary SQL commands
Other
NTCF:
NTCF-2024-8734
Product:
Classified
Vendor:
Classified
Criticality:
high
Status:
fixed
Discovered:
2024-07-17
Detail:
Classified
Fixed version:
Release Oct. 2024
Description
In accordance with NTC Vulnerability Disclosure Policy, no technical details about this vulnerability will be publicly disclosed. Further details may be provided on a case by case basis.
Please use the contact form and provide an explanation for your request.
Timeline
2024-07-17: initial discovery
2024-07-17: first contact to vendor
2024-07-19: private disclosure to vendor
2024-08-27: fix by vendor
2024-10-31: public disclosure