Lucene search

GitHub Advisory DatabaseGHSA-G7VW-43XG-8M4H

HistoryMay 24, 2023 - 6:30 p.m.

SQL injection in Liferay Portal

2023-05-2418:30:26

CWE-89

GitHub Advisory Database

github.com

sql injection

liferay portal

sql server

vulnerability

upgrade process

attackers

arbitrary commands

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

46.6%

JSON

SQL injection vulnerability in the upgrade process for SQL Server in Liferay Portal 7.3.1 through 7.4.3.17, and Liferay DXP 7.3 before update 6, and 7.4 before update 18 allows attackers to execute arbitrary SQL commands via the name of a database table’s primary key index. This vulnerability is only exploitable when chained with other attacks. To exploit this vulnerability, the attacker must modify the database and wait for the application to be upgraded.

Affected configurations

Vulners

Node

com.liferay.portal\Matchrelease.portal.bom

CPENameOperatorVersion
com.liferay.portal:release.portal.bomlt7.4.3.18

CPE	Name	Operator	Version
	com.liferay.portal:release.portal.bom	lt	7.4.3.18

References

github.com/advisories/GHSA-g7vw-43xg-8m4h

liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33945

nvd.nist.gov/vuln/detail/CVE-2023-33945

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

46.6%

JSON

Related for GHSA-G7VW-43XG-8M4H