Missing Initialization of Resource

CVE-2024-52870

High

7.1/10

Summary

Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality (including Chromium Developer Tools) that can result in a client user accessing arbitrary remote websites.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-909 - Missing Initialization of Resource

The software does not initialize a critical resource.

References

Advisory Timeline

Published Jan 17, 2025

Missing Initialization of Resource

CVE-2024-52870

Summary

CWE-909 - Missing Initialization of Resource

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS