cnvd - cnvd-2025-30844

CNVD-2025-30844

Vulnerability from cnvd - Published: 2025-12-17

Title

Apache VCL SQL注入漏洞

Description

Apache VCL是美国阿帕奇（Apache）基金会的一套开源的云计算平台。 Apache VCL 2.2至2.5.1版本存在SQL注入漏洞，该漏洞源于SQL命令中特殊元素的中和不当，攻击者可利用该漏洞导致用户修改表单数据以修改SELECT SQL语句。

Severity

高

Patch Name

Apache VCL SQL注入漏洞的补丁

Patch Description

Apache VCL是美国阿帕奇（Apache）基金会的一套开源的云计算平台。 Apache VCL 2.2至2.5.1版本存在SQL注入漏洞，该漏洞源于SQL命令中特殊元素的中和不当，攻击者可利用该漏洞导致用户修改表单数据以修改SELECT SQL语句。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.apache.org/thread/2bmjnzgjwwq59nv6xw44w0tnpz4k4pf4

Reference

http://www.openwall.com/lists/oss-security/2025/03/24/1

Impacted products

Name
Apache Apache VCL >=2.2，<=2.5.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-53678",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-53678"
    }
  },
  "description": "Apache VCL\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u5f00\u6e90\u7684\u4e91\u8ba1\u7b97\u5e73\u53f0\u3002\n\nApache VCL 2.2\u81f32.5.1\u7248\u672c\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eSQL\u547d\u4ee4\u4e2d\u7279\u6b8a\u5143\u7d20\u7684\u4e2d\u548c\u4e0d\u5f53\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7528\u6237\u4fee\u6539\u8868\u5355\u6570\u636e\u4ee5\u4fee\u6539SELECT SQL\u8bed\u53e5\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread/2bmjnzgjwwq59nv6xw44w0tnpz4k4pf4",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-30844",
  "openTime": "2025-12-17",
  "patchDescription": "Apache VCL\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u5f00\u6e90\u7684\u4e91\u8ba1\u7b97\u5e73\u53f0\u3002\r\n\r\nApache VCL 2.2\u81f32.5.1\u7248\u672c\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eSQL\u547d\u4ee4\u4e2d\u7279\u6b8a\u5143\u7d20\u7684\u4e2d\u548c\u4e0d\u5f53\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7528\u6237\u4fee\u6539\u8868\u5355\u6570\u636e\u4ee5\u4fee\u6539SELECT SQL\u8bed\u53e5\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache VCL SQL\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Apache VCL \u003e=2.2\uff0c\u003c=2.5.1"
  },
  "referenceLink": "http://www.openwall.com/lists/oss-security/2025/03/24/1",
  "serverity": "\u9ad8",
  "submitTime": "2025-03-27",
  "title": "Apache VCL SQL\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2024-53678 (GCVE-0-2024-53678)

Vulnerability from cvelistv5 – Published: 2025-03-25 09:33 – Updated: 2025-03-31 16:23

Title

Apache VCL: SQL injection vulnerability in New Block Allocation form

Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache VCL. Users can modify form data submitted when requesting a new Block Allocation such that a SELECT SQL statement is modified. The data returned by the SELECT statement is not viewable by the attacker. This issue affects all versions of Apache VCL from 2.2 through 2.5.1. Users are recommended to upgrade to version 2.5.2, which fixes the issue.

Severity ?

5.1 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Assigner

apache

References

URL

Tags

https://lists.apache.org/thread/2bmjnzgjwwq59nv6x…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache VCL	Affected: 2.2 , ≤ 2.5.1 (semver)

Credits

Chiencp and Nothing from TeamTonTac

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-03-25T10:03:36.518Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/03/24/1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-53678",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-31T16:23:09.406932Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-31T16:23:19.825Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache VCL",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.5.1",
              "status": "affected",
              "version": "2.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Chiencp and Nothing from TeamTonTac"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eImproper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Apache VCL. Users can modify form data submitted when requesting a new Block Allocation such that a SELECT SQL statement is modified. The data returned by the SELECT statement is not viewable by the attacker.\u003c/p\u003e\u003cp\u003eThis issue affects all versions of Apache VCL from 2.2 through 2.5.1.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.5.2, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Apache VCL. Users can modify form data submitted when requesting a new Block Allocation such that a SELECT SQL statement is modified. The data returned by the SELECT statement is not viewable by the attacker.\n\nThis issue affects all versions of Apache VCL from 2.2 through 2.5.1.\n\nUsers are recommended to upgrade to version 2.5.2, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-25T09:33:36.385Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/2bmjnzgjwwq59nv6xw44w0tnpz4k4pf4"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache VCL: SQL injection vulnerability in New Block Allocation form",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-53678",
    "datePublished": "2025-03-25T09:33:36.385Z",
    "dateReserved": "2024-11-21T21:59:30.303Z",
    "dateUpdated": "2025-03-31T16:23:19.825Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-30844

CVE-2024-53678 (GCVE-0-2024-53678)

Tags

Sightings

Nomenclature