Novalnet Payment Module Ubercart - Critical - SQL Injection - Unsupported - SA-CONTRIB-2015-116

Advisory ID: DRUPAL-SA-CONTRIB-2015-116
Date: 2015-06-03 00:00:00
Source: Drupal Security Team, www.drupal.org

CVSS2 score: 7.5 High (AV:N/AC:L/Au:N/C:P/I:P/A:P)

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL

EPSS: 0.001 Low (percentile 50.1%)

This module enables you to add the Novalnet payment service provider to Ubercart.

The module fails to sanitize a database query because it does not use the database API properly, leading to a SQL injection vulnerability. Since the affected path is not protected against CSRF, a malicious user can exploit this vulnerability by triggering a request to a specially crafted URL.

This vulnerability is mitigated by the fact that the malicious request must come from a specific Novalnet IP address.
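The defect class the advisory describes, as an added Drupal 7 illustration that is not the Novalnet module's code: a callback handler that builds its query by string concatenation, the same lookup with a bound placeholder, and the source-address check the advisory cites as the sole mitigation. The function names, the `{uc_orders}` table and the allowed addresses are assumptions.

```php
<?php
// Added illustration (hypothetical; not the Novalnet module's code).
// Shows the defect class named in the advisory and its corrected form
// in a Drupal 7 payment-callback handler. Names below are assumptions.

// VULNERABLE: the order id from the request is concatenated into the SQL
// text, so db_query() receives a finished string and the database API
// never gets a chance to bind or escape the value.
function example_callback_vulnerable() {
  $order_id = $_GET['order_id'];
  $result = db_query("SELECT order_id, order_status FROM {uc_orders} WHERE order_id = " . $order_id);
  return $result->fetchAssoc();
}

// FIXED: the same lookup with a named placeholder. The value is bound by
// the database layer, and the cast documents the type the column expects.
function example_callback_fixed() {
  $order_id = (int) $_GET['order_id'];
  $result = db_query(
    'SELECT order_id, order_status FROM {uc_orders} WHERE order_id = :order_id',
    array(':order_id' => $order_id)
  );
  return $result->fetchAssoc();
}

// The advisory's only mitigating factor is that the request must come from a
// specific Novalnet address. A corrected handler makes that check explicit
// and refuses before touching the database; it is a second layer, not a
// substitute for the placeholder above. Addresses are placeholders.
function example_callback_access() {
  $allowed = array('192.0.2.10', '192.0.2.11'); // placeholder, documentation range
  if (!in_array(ip_address(), $allowed, TRUE)) {
    drupal_access_denied(); // respond 403 and stop processing
    drupal_exit();
  }
  return example_callback_fixed();
}
```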

CVE identifier(s) issued

  • CVE-2015-5504

Versions affected

  • All versions of Novalnet Payment Module Ubercart module

Drupal core is not affected. If you do not use the contributed Novalnet Payment Module Ubercart module, there is nothing you need to do.

Solution

If you use the Novalnet Payment Module Ubercart module you should uninstall it.

Also see the Novalnet Payment Module Ubercart project page.

Reported by

Fixed by

Not applicable.

Coordinated by
