We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-45198



Description

insightsoftware Spark JDBC 2.6.21 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution.

Reserved 2024-08-22 | Published 2025-04-03 | Updated 2025-04-04 | Assigner mitre

References

gist.github.com/azraelxuemo/ef11311ae0633cbd3d794f73c64e3877

cve.org (CVE-2024-45198)

nvd.nist.gov (CVE-2024-45198)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-45198

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.