SQL Injection

2024-07-0810:16:54

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

vulnerability

vanna-ai

sql injection

remote users

local files

insecure configuration

execute role

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.4

Confidence

Low

JSON

vanna-ai/vanna is vulnerable to SQL injection. The vulnerability is due to an exposed SQL query pg_read_file(), which allows remote users to read arbitrary local files on the victim server, including sensitive files such as /etc/passwd. Note that this vulnerability is only exploitable due to an insecure configuration, when the EXECUTE role is given to the vanna db user.