Lucene search

GitHub Advisory DatabaseGHSA-XM6R-4466-MR74

HistoryOct 18, 2018 - 5:40 p.m.

OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection

2018-10-1817:40:56

CWE-269

GitHub Advisory Database

github.com

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.328 Low

EPSS

Percentile

97.1%

JSON

OrientDB through 2.2.22 does not enforce privilege requirements during “where” or “fetchplan” or “order by” use, which allows remote attackers to execute arbitrary OS commands via a crafted request.

Affected configurations

Vulners

Node

com.orientechnologies\orientdbMatchcore

CPENameOperatorVersion
com.orientechnologies:orientdb-corelt2.2.23

CPE	Name	Operator	Version
	com.orientechnologies:orientdb-core	lt	2.2.23

References

github.com/advisories/GHSA-xm6r-4466-mr74

github.com/orientechnologies/orientdb/wiki/OrientDB-2.2-Release-Notes#2223---july-11-2017

nvd.nist.gov/vuln/detail/CVE-2017-11467

web.archive.org/web/20210403135751/www.heavensec.org/?p=1703

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.328 Low

EPSS

Percentile

97.1%

JSON

Related for GHSA-XM6R-4466-MR74