cnvd - cnvd-2020-33332

cnvd-2020-33332

Vulnerability from cnvd

Title: Admidio SQL注入漏洞（CNVD-2020-33332）

Description:

Admidio是Admidio团队的一套开源的成员管理系统。该系统支持成员列表、事件管理、留言簿、相册和下载等功能。

Admidio 3.3.13之前版本中存在SQL注入漏洞。攻击者可利用该漏洞进行SQL查询，影响系统的保密性。

Severity: 中

Patch Name: Admidio SQL注入漏洞（CNVD-2020-33332）的补丁

Patch Description:

Admidio是Admidio团队的一套开源的成员管理系统。该系统支持成员列表、事件管理、留言簿、相册和下载等功能。

Admidio 3.3.13之前版本中存在SQL注入漏洞。攻击者可利用该漏洞进行SQL查询，影响系统的保密性。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54

Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-11004

Impacted products

Name
Admidio Admidio <3.3.13

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-11004"
    }
  },
  "description": "Admidio\u662fAdmidio\u56e2\u961f\u7684\u4e00\u5957\u5f00\u6e90\u7684\u6210\u5458\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u6210\u5458\u5217\u8868\u3001\u4e8b\u4ef6\u7ba1\u7406\u3001\u7559\u8a00\u7c3f\u3001\u76f8\u518c\u548c\u4e0b\u8f7d\u7b49\u529f\u80fd\u3002\n\nAdmidio 3.3.13\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884cSQL\u67e5\u8be2\uff0c\u5f71\u54cd\u7cfb\u7edf\u7684\u4fdd\u5bc6\u6027\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-33332",
  "openTime": "2020-06-16",
  "patchDescription": "Admidio\u662fAdmidio\u56e2\u961f\u7684\u4e00\u5957\u5f00\u6e90\u7684\u6210\u5458\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u6210\u5458\u5217\u8868\u3001\u4e8b\u4ef6\u7ba1\u7406\u3001\u7559\u8a00\u7c3f\u3001\u76f8\u518c\u548c\u4e0b\u8f7d\u7b49\u529f\u80fd\u3002\r\n\r\nAdmidio 3.3.13\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884cSQL\u67e5\u8be2\uff0c\u5f71\u54cd\u7cfb\u7edf\u7684\u4fdd\u5bc6\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Admidio SQL\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2020-33332\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Admidio Admidio \u003c3.3.13"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-11004",
  "serverity": "\u4e2d",
  "submitTime": "2020-04-26",
  "title": "Admidio SQL\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2020-33332\uff09"
}

CVE-2020-11004 (GCVE-0-2020-11004)

Vulnerability from cvelistv5

Published

2020-04-24 20:25

Modified

2024-08-04 11:21

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Summary

SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13.

References

▼	URL	Tags
	https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54	x_refsource_CONFIRM
	https://github.com/Admidio/admidio/issues/908	x_refsource_MISC
	https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Admidio	admidio	Version: < 3.3.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T11:21:14.613Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Admidio/admidio/issues/908"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "admidio",
          "vendor": "Admidio",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.3.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-24T20:25:14",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Admidio/admidio/issues/908"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a"
        }
      ],
      "source": {
        "advisory": "GHSA-qh57-rcff-gx54",
        "discovery": "UNKNOWN"
      },
      "title": "SQL Injection in Admidio",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-11004",
          "STATE": "PUBLIC",
          "TITLE": "SQL Injection in Admidio"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "admidio",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 3.3.13"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Admidio"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54",
              "refsource": "CONFIRM",
              "url": "https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54"
            },
            {
              "name": "https://github.com/Admidio/admidio/issues/908",
              "refsource": "MISC",
              "url": "https://github.com/Admidio/admidio/issues/908"
            },
            {
              "name": "https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a",
              "refsource": "MISC",
              "url": "https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-qh57-rcff-gx54",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-11004",
    "datePublished": "2020-04-24T20:25:14",
    "dateReserved": "2020-03-30T00:00:00",
    "dateUpdated": "2024-08-04T11:21:14.613Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted