CVE-2023-2681

An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the "/leaves/validate" path and the “id” parameter, managing to extract arbritary information from the database.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection	Third Party Advisory
https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:jorani:jorani:1.0.0:*:*:*:*:*:*:*

History

21 Nov 2024, 07:59

Type	Values Removed	Values Added
References	~~() https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection - Third Party Advisory~~	() https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection - Third Party Advisory

25 Oct 2023, 15:00

Type	Values Removed	Values Added
CPE	cpe:2.3:a:jorani_project:jorani:1.0.0:::::::*	cpe:2.3:a:jorani:jorani:1.0.0:::::::*
First Time		Jorani Jorani jorani

05 Oct 2023, 16:43

Type	Values Removed	Values Added
References	~~(MISC) https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection -~~	(MISC) https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection - Third Party Advisory
First Time		Jorani Project jorani Jorani Project
CPE		cpe:2.3:a:jorani_project:jorani:1.0.0:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CWE		CWE-89

03 Oct 2023, 13:52

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-03 13:15

Updated : 2024-11-21 07:59

NVD link : CVE-2023-2681

Mitre link : CVE-2023-2681

CVE.ORG link : CVE-2023-2681

JSON object : View

Products Affected

jorani

jorani

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2023-2681", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve-coordination@incibe.es", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-10-03T13:15:09.937", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection", "tags": ["Third Party Advisory"], "source": "cve-coordination@incibe.es"}, {"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve-coordination@incibe.es", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the \"/leaves/validate\" path and the \u201cid\u201d parameter, managing to extract arbritary information from the database."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad de inyecci\u00f3n SQL en la versi\u00f3n 1.0.0 de Jorani. Esta vulnerabilidad permite que un usuario remoto autenticado, con bajos privilegios, env\u00ede consultas con c\u00f3digo SQL malicioso en la ruta \"/leaves/validate\" y el par\u00e1metro \u201cid\u201d, logrando extraer informaci\u00f3n arbitraria de la base de datos."}], "lastModified": "2024-11-21T07:59:04.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jorani:jorani:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE8B2D2D-7CCC-4688-9C1C-5C2512F140E6"}], "operator": "OR"}]}], "sourceIdentifier": "cve-coordination@incibe.es"}