Vulnerabilities discovered by Yuri Kramar from the Cisco Security Advisor Team
Talos is disclosing multiple SQL injection vulnerabilities in the Frappe ERPNext Version 10.1.6 application. Frappe ERPNext is an open-source enterprise resource planning (ERP) cloud application. These vulnerabilities enable an attacker to bypass authentication and get unauthenticated access to sensitive data. An attacker can use a normal web browser to trigger these vulnerabilities — no special tools are required.
The vulnerabilities were assigned the CVE IDs CVE-2018-3882 through CVE-2018-3885. An attacker can use the following parameters for SQL injection:
CVE-2018-3882 - searchfield parameter
CVE-2018-3883 - employee parameter
CVE-2018-3883 - sort_order parameter
CVE-2018-3884 - sort_by parameter
CVE-2018-3884 - start parameter
More technical details can be found in the Talos vulnerability reports.
The following Snort rules will detect exploitation attempts. Note that additional rules may be released at a future date, and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 46165-46172
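Alongside the Snort rules, web server access logs can be reviewed for requests where the parameters listed above carry values that do not look like a field name, a sort direction or an offset. The script below is an added example, not part of the Talos advisory or of ERPNext; the expected value shapes, the log format and the request paths in the sample lines are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameter names come from the advisory. The allowlisted value shapes are
# assumptions made for this example, not taken from ERPNext documentation.
EXPECTED = {
    "searchfield": re.compile(r"[A-Za-z_][A-Za-z0-9_]*"),
    "employee": re.compile(r"[A-Za-z0-9_.\- ]+"),
    "sort_order": re.compile(r"(?i:asc|desc)"),
    "sort_by": re.compile(r"[A-Za-z_][A-Za-z0-9_]*"),
    "start": re.compile(r"[0-9]+"),
}

# Request line of a combined-format access log entry.
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[0-9.]+"')


def suspicious_params(url):
    """Return sorted advisory parameter names whose value fails its allowlist."""
    hits = set()
    # parse_qsl percent-decodes values, so encoded quotes and spaces are seen.
    for name, value in parse_qsl(urlsplit(url).query):
        pattern = EXPECTED.get(name)
        if pattern and not pattern.fullmatch(value):
            hits.add(name)
    return sorted(hits)


def triage(log_lines):
    """Yield (line_number, parameter_names) for each request worth reviewing."""
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST.search(line)
        names = suspicious_params(match.group(1)) if match else []
        if names:
            yield number, names


# Constructed sample lines; addresses, paths and values are hypothetical.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/May/2018:10:00:01 +0000] "GET /api/method/example.list?start=20&sort_by=modified&sort_order=desc HTTP/1.1" 200 512',
    '198.51.100.9 - - [10/May/2018:10:00:05 +0000] "GET /api/method/example.list?start=0%20UNION%20SELECT%201&sort_order=desc HTTP/1.1" 200 9000',
    '198.51.100.9 - - [10/May/2018:10:00:09 +0000] "GET /api/method/example.search?searchfield=name%27%20OR%20%271 HTTP/1.1" 200 7000',
    '198.51.100.7 - - [10/May/2018:10:00:12 +0000] "GET /api/method/example.get?employee=EMP-0001 HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for number, names in triage(SAMPLE_LOG):
        print(f"line {number}: review parameters {', '.join(names)}")
```

Access logs normally record only the query string, so parameters sent in a POST body are not covered by this check.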