Vulnerability-Lookup

CNVD-2020-33332

Vulnerability from cnvd - Published: 2020-06-16

Title

Admidio SQL注入漏洞（CNVD-2020-33332）

Description

Admidio是Admidio团队的一套开源的成员管理系统。该系统支持成员列表、事件管理、留言簿、相册和下载等功能。 Admidio 3.3.13之前版本中存在SQL注入漏洞。攻击者可利用该漏洞进行SQL查询，影响系统的保密性。

Severity

中

Patch Name

Admidio SQL注入漏洞（CNVD-2020-33332）的补丁

Patch Description

Admidio是Admidio团队的一套开源的成员管理系统。该系统支持成员列表、事件管理、留言簿、相册和下载等功能。 Admidio 3.3.13之前版本中存在SQL注入漏洞。攻击者可利用该漏洞进行SQL查询，影响系统的保密性。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-11004

Impacted products

Name
Admidio Admidio <3.3.13

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-11004"
    }
  },
  "description": "Admidio\u662fAdmidio\u56e2\u961f\u7684\u4e00\u5957\u5f00\u6e90\u7684\u6210\u5458\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u6210\u5458\u5217\u8868\u3001\u4e8b\u4ef6\u7ba1\u7406\u3001\u7559\u8a00\u7c3f\u3001\u76f8\u518c\u548c\u4e0b\u8f7d\u7b49\u529f\u80fd\u3002\n\nAdmidio 3.3.13\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884cSQL\u67e5\u8be2\uff0c\u5f71\u54cd\u7cfb\u7edf\u7684\u4fdd\u5bc6\u6027\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-33332",
  "openTime": "2020-06-16",
  "patchDescription": "Admidio\u662fAdmidio\u56e2\u961f\u7684\u4e00\u5957\u5f00\u6e90\u7684\u6210\u5458\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u652f\u6301\u6210\u5458\u5217\u8868\u3001\u4e8b\u4ef6\u7ba1\u7406\u3001\u7559\u8a00\u7c3f\u3001\u76f8\u518c\u548c\u4e0b\u8f7d\u7b49\u529f\u80fd\u3002\r\n\r\nAdmidio 3.3.13\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdb\u884cSQL\u67e5\u8be2\uff0c\u5f71\u54cd\u7cfb\u7edf\u7684\u4fdd\u5bc6\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Admidio SQL\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2020-33332\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Admidio Admidio \u003c3.3.13"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-11004",
  "serverity": "\u4e2d",
  "submitTime": "2020-04-26",
  "title": "Admidio SQL\u6ce8\u5165\u6f0f\u6d1e\uff08CNVD-2020-33332\uff09"
}

CVE-2020-11004 (GCVE-0-2020-11004)

Vulnerability from cvelistv5 – Published: 2020-04-24 20:25 – Updated: 2024-08-04 11:21

Title

SQL Injection in Admidio

Summary

SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13.

Severity ?

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/Admidio/admidio/security/advis…	x_refsource_CONFIRM
	https://github.com/Admidio/admidio/issues/908	x_refsource_MISC
	https://github.com/Admidio/admidio/commit/ea5d6f1…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Admidio	admidio	Affected: < 3.3.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T11:21:14.613Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Admidio/admidio/issues/908"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "admidio",
          "vendor": "Admidio",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.3.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-24T20:25:14",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Admidio/admidio/issues/908"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a"
        }
      ],
      "source": {
        "advisory": "GHSA-qh57-rcff-gx54",
        "discovery": "UNKNOWN"
      },
      "title": "SQL Injection in Admidio",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-11004",
          "STATE": "PUBLIC",
          "TITLE": "SQL Injection in Admidio"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "admidio",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 3.3.13"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Admidio"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54",
              "refsource": "CONFIRM",
              "url": "https://github.com/Admidio/admidio/security/advisories/GHSA-qh57-rcff-gx54"
            },
            {
              "name": "https://github.com/Admidio/admidio/issues/908",
              "refsource": "MISC",
              "url": "https://github.com/Admidio/admidio/issues/908"
            },
            {
              "name": "https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a",
              "refsource": "MISC",
              "url": "https://github.com/Admidio/admidio/commit/ea5d6f114b151ed11ec0ad7cb47bd729e77a874a"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-qh57-rcff-gx54",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-11004",
    "datePublished": "2020-04-24T20:25:14",
    "dateReserved": "2020-03-30T00:00:00",
    "dateUpdated": "2024-08-04T11:21:14.613Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-33332

CVE-2020-11004 (GCVE-0-2020-11004)

Tags

Sightings

Nomenclature