CVE-2024-10377 | ESAFENET CDG 5 DecryptApplicationService.java actionPassDecryptApplication1 id sql injection

CVE-2024-10377 | ESAFENET CDG 5 DecryptApplicationService.java actionPassDecryptApplication1 id sql injection

A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. This issue affects the function actionPassDecryptApplication1 of the file /com/esafenet/servlet/client/DecryptApplicationService.java. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2024-10377. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. This is a different issue than CVE-2024-10069.