cnvd - cnvd-2018-13357

CNVD-2018-13357

Vulnerability from cnvd - Published: 2018-07-18

Title

OCS Inventory NG SQL注入漏洞（CNVD-2018-13357）

Description

OCS Inventory NG（Open Computer and Software Inventory Next Generation）是OCS Inventory团队开发的一套资产管理软件。该软件能够帮助管理员掌握计算机软件安装和配置，以及在HTTP代理和服务器之间实现低网络流量通讯。 OCS Inventory NG ocsreports 2.4版本和ocsreports 2.3.1版本中的Web搜索存在SQL注入漏洞。远程攻击者可通过发送特制的请求利用该漏洞获取数据库的访问权限。

Severity

高

Patch Name

OCS Inventory NG SQL注入漏洞（CNVD-2018-13357）的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/

Reference

https://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/

Impacted products

Name
['OCS Inventory OCS Inventory NG 2.4', 'OCS Inventory OCS Inventory NG 2.3.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1000558",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000558"
    }
  },
  "description": "OCS Inventory NG\uff08Open Computer and Software Inventory Next Generation\uff09\u662fOCS Inventory\u56e2\u961f\u5f00\u53d1\u7684\u4e00\u5957\u8d44\u4ea7\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u80fd\u591f\u5e2e\u52a9\u7ba1\u7406\u5458\u638c\u63e1\u8ba1\u7b97\u673a\u8f6f\u4ef6\u5b89\u88c5\u548c\u914d\u7f6e\uff0c\u4ee5\u53ca\u5728HTTP\u4ee3\u7406\u548c\u670d\u52a1\u5668\u4e4b\u95f4\u5b9e\u73b0\u4f4e\u7f51\u7edc\u6d41\u91cf\u901a\u8baf\u3002\r\n\r\nOCS Inventory NG ocsreports 2.4\u7248\u672c\u548cocsreports 2.3.1\u7248\u672c\u4e2d\u7684Web\u641c\u7d22\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6570\u636e\u5e93\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "discovererName": "unknow",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-13357",
  "openTime": "2018-07-18",
  "patchDescription": "OCS Inventory NG\uff08Open Computer and Software Inventory Next Generation\uff09\u662fOCS Inventory\u56e2\u961f\u5f00\u53d1\u7684\u4e00\u5957\u8d44\u4ea7\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u80fd\u591f\u5e2e\u52a9\u7ba1\u7406\u5458\u638c\u63e1\u8ba1\u7b97\u673a\u8f6f\u4ef6\u5b89\u88c5\u548c\u914d\u7f6e\uff0c\u4ee5\u53ca\u5728HTTP\u4ee3\u7406\u548c\u670d\u52a1\u5668\u4e4b\u95f4\u5b9e\u73b0\u4f4e\u7f51\u7edc\u6d41\u91cf\u901a\u8baf\u3002\r\n\r\nOCS Inventory NG ocsreports 2.4\u7248\u672c\u548cocsreports 2.3.1\u7248\u672c\u4e2d\u7684Web\u641c\u7d22\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6570\u636e\u5e93\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "OCS Inventory NG SQL\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2018-13357\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "OCS Inventory OCS Inventory NG 2.4",
      "OCS Inventory OCS Inventory NG  2.3.1"
    ]
  },
  "referenceLink": "https://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/",
  "serverity": "\u9ad8",
  "submitTime": "2018-07-09",
  "title": "OCS Inventory NG SQL\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2018-13357\uff09"
}

CVE-2018-1000558 (GCVE-0-2018-1000558)

Vulnerability from cvelistv5 – Published: 2018-06-26 16:00 – Updated: 2024-08-05 12:40

Summary

OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted requests it is possible to gain database access. This vulnerability appears to have been fixed in 2.4.1.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://www.ocsinventory-ng.org/en/ocs-inventory-…	x_refsource_MISC
	https://www.secuvera.de/advisories/secuvera-SA-20…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:40:47.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.secuvera.de/advisories/secuvera-SA-2017-04.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2018-06-23T00:00:00",
      "datePublic": "2018-06-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted requests it is possible to gain database access. This vulnerability appears to have been fixed in 2.4.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-26T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.secuvera.de/advisories/secuvera-SA-2017-04.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2018-06-23T11:22:33.086803",
          "DATE_REQUESTED": "2018-04-09T15:53:11",
          "ID": "CVE-2018-1000558",
          "REQUESTER": "sbieber@secuvera.de",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted requests it is possible to gain database access. This vulnerability appears to have been fixed in 2.4.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/",
              "refsource": "MISC",
              "url": "https://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/"
            },
            {
              "name": "https://www.secuvera.de/advisories/secuvera-SA-2017-04.txt",
              "refsource": "MISC",
              "url": "https://www.secuvera.de/advisories/secuvera-SA-2017-04.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-1000558",
    "datePublished": "2018-06-26T16:00:00",
    "dateReserved": "2018-04-09T00:00:00",
    "dateUpdated": "2024-08-05T12:40:47.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-13357

CVE-2018-1000558 (GCVE-0-2018-1000558)

Tags

Sightings

Nomenclature