CNNVD-202507-2485 Information

CNNVD ID

CNNVD-202507-2485

Related CVE

CVE-2025-52924

• CNNVD Published: 2025-07-19

Description (Chinese)

One Identity OneLogin是美国One Identity公司的一个身份和访问管理软件。 One Identity OneLogin 2025.2.0之前版本存在SQL注入漏洞，该漏洞源于SQL连接应用名称设置不当，可能导致信息泄露。

Description (English)

One Identity OneLogin is an identity and access management software for One Identity in the United States. There was an SQL injection loophole in the pre-Model version of One Identity OneLogin 2025.2.0, which stemmed from the inappropriate name set-up of the SQL connection application, which could lead to a leak of information.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

One Identity

Published

2025-07-19

Last Modified

2026-02-24

References

https://oneidentity.com https://onelogin.service-now.com/support?id=kb_article&sys_id=59fe4c3c972a2610c90c3b0e6253afef&kb_category=a0d76d70db185340d5505eea4b96199f https://access.redhat.com/security/cve/cve-2025-52924