CVE-2022-31092

{"id": "CVE-2022-31092", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2022-06-27T22:15:08.987", "references": [{"url": "https://github.com/pimcore/pimcore/commit/21559c6bf0e4e828d33ff7af6e88caecb5ac6549", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pimcore/pimcore/pull/12444", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-gvmf-wcx6-p974", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pimcore/pimcore/commit/21559c6bf0e4e828d33ff7af6e88caecb5ac6549", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/pimcore/pimcore/pull/12444", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-gvmf-wcx6-p974", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Pimcore is an Open Source Data & Experience Management Platform. Pimcore offers developers listing classes to make querying data easier. This listing classes also allow to order or group the results based on one or more columns which should be quoted by default. The actual issue is that quoting is not done properly in both cases, so there's the theoretical possibility to inject custom SQL if the developer is using this methods with input data and not doing proper input validation in advance and so relies on the auto-quoting being done by the listing classes. This issue has been resolved in version 10.4.4. Users are advised to upgrade or to apple the patch manually. There are no known workarounds for this issue."}, {"lang": "es", "value": "Pimcore es una plataforma de administraci\u00f3n de datos y experiencias de c\u00f3digo abierto. Pimcore ofrece a desarrolladores clases de listado para facilitar la consulta de datos. Estas clases de listado tambi\u00e9n permiten ordenar o agrupar los resultados en base a una o m\u00e1s columnas que deber\u00edan ser citadas por defecto. El problema actual es que el entrecomillado no es realizado apropiadamente en ambos casos, por lo que se presenta la posibilidad te\u00f3rica de inyectar SQL personalizado si el desarrollador usa estos m\u00e9todos con datos de entrada y no realiza una comprobaci\u00f3n de entrada apropiada de antemano, por lo que conf\u00eda en el autocitado que realizan las clases de listado. Este problema ha sido resuelto en versi\u00f3n 10.4.4. Es recomendado a usuarios actualizar o aplicar el parche manualmente. No se presentan mitigaciones conocidas para este problema"}], "lastModified": "2024-11-21T07:03:52.720", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD0CD377-E7E0-479B-88C4-ECDD6250876F", "versionEndExcluding": "10.4.4"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}