GitHub Advisory Database: GHSA-R847-6W6H-R8G4
History: Oct 27, 2023 - 5:39 p.m.

Flyte Admin SQL Injection in List Filters

2023-10-27 17:39:08
CWE-89
GitHub Advisory Database
github.com
Tags: flyte admin, sql injection, list endpoints, sql vulnerability, rest requests, custom sql statements, access control, vpn, authentication, owasp

8.8 High (CVSS3)

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.001 Low (Percentile: 30.7%)

Impact

The list endpoints of Flyte Admin have a SQL injection vulnerability: a malicious user can send REST requests that carry custom SQL statements as list filters, and those statements are executed against the database.

Workarounds

The attacker needs access to the flyteadmin installation, which is typically deployed behind either a VPN or authentication; restricting that access limits exposure until the fixed version is installed.

References

https://owasp.org/www-community/attacks/SQL_Injection#

Affected configurations

Vulners

Node: flyteorg flyteadmin
Range: < 1.1.124
