fkie_cve-2022-24697
Vulnerability from fkie_nvd
Published
2022-10-13 13:15
Modified
2025-05-16 14:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Kylin's cube designer function has a command injection vulnerability when overwriting system parameters in the configuration overwrites menu. RCE can be implemented by closing the single quotation marks around the parameter value of “-- conf=” to inject any operating system command into the command line parameters. This vulnerability affects Kylin 2 version 2.6.5 and earlier, Kylin 3 version 3.1.2 and earlier, and Kylin 4 version 4.0.1 and earlier.
References
security@apache.orghttp://www.openwall.com/lists/oss-security/2022/12/30/1Mailing List, Patch, Third Party Advisory
security@apache.orghttps://lists.apache.org/thread/07mnn9c7o314wrhrwjr10w9j5s82voj4Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2022/12/30/1Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread/07mnn9c7o314wrhrwjr10w9j5s82voj4Mailing List, Patch, Vendor Advisory
Impacted products
Vendor Product Version
apache kylin *
apache kylin *
apache kylin *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B74CB6-F87D-4447-B14C-A670119EE2CB",
              "versionEndExcluding": "2.6.6",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E3780DD-1577-4A26-91B0-7A8687D257CD",
              "versionEndIncluding": "3.1.2",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "122C33FB-877C-4C73-8298-15B500FBB1DA",
              "versionEndIncluding": "4.0.1",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Kylin\u0027s cube designer function has a command injection vulnerability when overwriting system parameters in the configuration overwrites menu. RCE can be implemented by closing the single quotation marks around the parameter value of \u201c-- conf=\u201d to inject any operating system command into the command line parameters. This vulnerability affects Kylin 2 version 2.6.5 and earlier, Kylin 3 version 3.1.2 and earlier, and Kylin 4 version 4.0.1 and earlier."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n cube designer de Kylin presenta una vulnerabilidad de inyecci\u00f3n de comandos cuando son sobrescritos los par\u00e1metros del sistema en el men\u00fa de sobreescritura de la configuraci\u00f3n. Un RCE puede ser implementado cerrando las comillas simples alrededor del valor del par\u00e1metro \"conf\" para inyectar cualquier comando del sistema operativo en los par\u00e1metros de la l\u00ednea de comandos. Esta vulnerabilidad afecta a Kylin 2 versiones 2.6.5 y anteriores, Kylin 3 versiones 3.1.2 y anteriores, y Kylin 4 versiones 4.0.1 y anteriores"
    }
  ],
  "id": "CVE-2022-24697",
  "lastModified": "2025-05-16T14:15:27.127",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-10-13T13:15:09.900",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2022/12/30/1"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/07mnn9c7o314wrhrwjr10w9j5s82voj4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2022/12/30/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/07mnn9c7o314wrhrwjr10w9j5s82voj4"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.