horizoncloud 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk sql injection に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で vendor impact data exposure などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-38891 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information. | [email protected] | 7.5 | 0.53% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38887 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to expand control over the operating system from the database due to the execution of commands with unnecessary privileges. | [email protected] | 9.8 | 1.68% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38889 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of special elements used in an SQL command. | [email protected] | 9.8 | 0.90% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38888 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts. | [email protected] | 6.8 | 0.21% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38886 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel. | [email protected] | 9.8 | 0.76% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38885 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application. | [email protected] | 7.5 | 0.61% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38884 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform an Authentication Bypass attack due to improperly implemented security checks for standard authentication mechanisms | [email protected] | 7.8 | 0.20% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38883 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation. | [email protected] | 9.1 | 0.41% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38882 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command. | [email protected] | 9.8 | 0.96% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38881 | An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing user passwords. | [email protected] | 7.5 | 0.53% | 2024-08-02 | 2026-06-17 |
| CVE-2024-38890 | An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks. | [email protected] | 8.4 | 0.21% | 2024-08-02 | 2026-06-17 |