Veracode Vulnerability Database: VERACODE:46587
History: Apr 23, 2024 - 7:57 a.m.

SQL Injection

2024-04-23 07:57:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
librenms
sql injection
vulnerability
input validation
post endpoint
packages.inc.php
global read privileges
sql commands
time based attack
administrator credentials
database

CVSS3: 7.1
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: LOW
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

AI Score: 7.3
Confidence: High

EPSS: 0
Percentile: 15.5%

librenms/librenms is vulnerable to SQL injection. The vulnerability is due to inadequate input validation in the endpoint POST /search/search=packages within packages.inc.php, which allows a user with global read privileges to execute SQL commands via the package parameter. An attacker can use this to mount a time-based SQL injection attack and extract all data from the database, such as administrator credentials.
