cvelistv5 - cve-2021-3850

CVE-2021-3850 (GCVE-0-2021-3850)

Vulnerability from cvelistv5 – Published: 2022-01-25 14:20 – Updated: 2024-08-03 17:09

Summary

Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.

Severity ?

9.1 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-305 - Authentication Bypass by Primary Weakness

Assigner

@huntrdev

References

URL

Tags

	https://huntr.dev/bounties/bdf5f216-4499-4225-a73…	x_refsource_CONFIRM
	https://github.com/adodb/adodb/commit/952de6c4273…	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2022…	mailing-listx_refsource_MLIST
	https://www.debian.org/security/2022/dsa-5101	vendor-advisoryx_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	adodb	adodb/adodb	Affected: unspecified , < 5.20.21 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:09:09.599Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29"
          },
          {
            "name": "[debian-lts-announce] 20220206 [SECURITY] [DLA 2912-1] libphp-adodb security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html"
          },
          {
            "name": "DSA-5101",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5101"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "adodb/adodb",
          "vendor": "adodb",
          "versions": [
            {
              "lessThan": "5.20.21",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-305",
              "description": "CWE-305 Authentication Bypass by Primary Weakness",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-14T14:06:25",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29"
        },
        {
          "name": "[debian-lts-announce] 20220206 [SECURITY] [DLA 2912-1] libphp-adodb security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html"
        },
        {
          "name": "DSA-5101",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5101"
        }
      ],
      "source": {
        "advisory": "bdf5f216-4499-4225-a737-b28bc6f5801c",
        "discovery": "EXTERNAL"
      },
      "title": "Authentication Bypass by Primary Weakness in adodb/adodb",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2021-3850",
          "STATE": "PUBLIC",
          "TITLE": "Authentication Bypass by Primary Weakness in adodb/adodb"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "adodb/adodb",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "5.20.21"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "adodb"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-305 Authentication Bypass by Primary Weakness"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
            },
            {
              "name": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29",
              "refsource": "MISC",
              "url": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29"
            },
            {
              "name": "[debian-lts-announce] 20220206 [SECURITY] [DLA 2912-1] libphp-adodb security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html"
            },
            {
              "name": "DSA-5101",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5101"
            }
          ]
        },
        "source": {
          "advisory": "bdf5f216-4499-4225-a737-b28bc6f5801c",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2021-3850",
    "datePublished": "2022-01-25T14:20:11",
    "dateReserved": "2021-10-02T00:00:00",
    "dateUpdated": "2024-08-03T17:09:09.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adodb_project:adodb:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.20.21\", \"matchCriteriaId\": \"DD9D707E-EF89-4981-86D5-B714E8743B3B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.\"}, {\"lang\": \"es\", \"value\": \"Una Omisi\\u00f3n de Autenticaci\\u00f3n por Debilidad Primaria en el repositorio de GitHub adodb/adodb versiones anteriores a 5.20.21\"}]",
      "id": "CVE-2021-3850",
      "lastModified": "2024-11-21T06:22:39.053",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.2}], \"cvssMetricV30\": [{\"source\": \"security@huntr.dev\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:N\", \"baseScore\": 6.4, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-01-25T15:15:08.013",
      "references": "[{\"url\": \"https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29\", \"source\": \"security@huntr.dev\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c\", \"source\": \"security@huntr.dev\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html\", \"source\": \"security@huntr.dev\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5101\", \"source\": \"security@huntr.dev\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5101\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@huntr.dev",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@huntr.dev\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-305\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-3850\",\"sourceIdentifier\":\"security@huntr.dev\",\"published\":\"2022-01-25T15:15:08.013\",\"lastModified\":\"2024-11-21T06:22:39.053\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.\"},{\"lang\":\"es\",\"value\":\"Una Omisi\u00f3n de Autenticaci\u00f3n por Debilidad Primaria en el repositorio de GitHub adodb/adodb versiones anteriores a 5.20.21\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}],\"cvssMetricV30\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-305\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adodb_project:adodb:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.20.21\",\"matchCriteriaId\":\"DD9D707E-EF89-4981-86D5-B714E8743B3B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29\",\"source\":\"security@huntr.dev\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c\",\"source\":\"security@huntr.dev\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html\",\"source\":\"security@huntr.dev\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5101\",\"source\":\"security@huntr.dev\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5101\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

GHSA-65MJ-7C86-79JF

Vulnerability from github – Published: 2022-01-27 15:23 – Updated: 2022-02-07 22:34

Summary

Authentication Bypass in ADOdb/ADOdb

Details

Impact

An attacker can inject values into a PostgreSQL connection string by providing a parameter surrounded by single quotes.

Depending on how the library is used in the client software, this may allow an attacker to bypass the login process, gain access to the server's IP address, etc.

Patches

The vulnerability is fixed in ADOdb versions 5.20.21 (952de6c4273d9b1e91c2b838044f8c2111150c29) and 5.21.4 or later (b4d5ce70034c5aac3a1d51d317d93c037a0938d2).

The simplest patch is to delete line 29 in drivers/adodb-postgres64.inc.php:

diff --git a/drivers/adodb-postgres64.inc.php b/drivers/adodb-postgres64.inc.php
index d04b7f67..729d7141 100644
--- a/drivers/adodb-postgres64.inc.php
+++ b/drivers/adodb-postgres64.inc.php
@@ -26,7 +26,6 @@ function adodb_addslashes($s)
 {
    $len = strlen($s);
    if ($len == 0) return "''";
-   if (strncmp($s,"'",1) === 0 && substr($s,$len-1) == "'") return $s; // already quoted

    return "'".addslashes($s)."'";
 }

Workarounds

Ensure the parameters passed to ADOConnection::connect() or related functions (nConnect(), pConnect()) are not surrounded by single quotes.

Credits

Thanks to Emmet Leahy (@meme-lord) of Sorcery Ltd for reporting this vulnerability, and to the huntr team for their support.

References

Original issue report https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c/
ADOdb reference issue #793

For more information

If you have any questions or comments about this advisory: * Add a note in issue #793 * Contact the maintainers on Gitter

Severity ?

9.1 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.20.20"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "adodb/adodb-php"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.20.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.21.3"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "adodb/adodb-php"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.21.0"
            },
            {
              "fixed": "5.21.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-3850"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287",
      "CWE-305"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-01-24T22:39:29Z",
    "nvd_published_at": "2022-01-25T15:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\n\nAn attacker can inject values into a PostgreSQL connection string by providing a parameter surrounded by single quotes.\n\nDepending on how the library is used in the client software, this may allow an attacker to bypass the login process, gain access to the server\u0027s IP address, etc.\n\n### Patches\n\nThe vulnerability is fixed in ADOdb versions 5.20.21 (952de6c4273d9b1e91c2b838044f8c2111150c29) and 5.21.4 or later (b4d5ce70034c5aac3a1d51d317d93c037a0938d2).\n\nThe simplest patch is to delete line 29 in `drivers/adodb-postgres64.inc.php`:\n\n```php\ndiff --git a/drivers/adodb-postgres64.inc.php b/drivers/adodb-postgres64.inc.php\nindex d04b7f67..729d7141 100644\n--- a/drivers/adodb-postgres64.inc.php\n+++ b/drivers/adodb-postgres64.inc.php\n@@ -26,7 +26,6 @@ function adodb_addslashes($s)\n {\n    $len = strlen($s);\n    if ($len == 0) return \"\u0027\u0027\";\n-   if (strncmp($s,\"\u0027\",1) === 0 \u0026\u0026 substr($s,$len-1) == \"\u0027\") return $s; // already quoted\n \n    return \"\u0027\".addslashes($s).\"\u0027\";\n }\n```\n\n### Workarounds\n\nEnsure the parameters passed to *ADOConnection::connect()* or related functions (_nConnect()_, _pConnect()_) are not surrounded by single quotes.\n\n### Credits\n\nThanks to **Emmet Leahy** (@meme-lord) of Sorcery Ltd for reporting this vulnerability, and to the [huntr](https://huntr.dev/) team for their support.\n\n### References\n\n- Original issue report https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c/\n- ADOdb reference issue #793 \n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Add a note in issue #793\n* Contact the maintainers on [Gitter](https://gitter.im/adodb/adodb)\n",
  "id": "GHSA-65mj-7c86-79jf",
  "modified": "2022-02-07T22:34:28Z",
  "published": "2022-01-27T15:23:19Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ADOdb/ADOdb/security/advisories/GHSA-65mj-7c86-79jf"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3850"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ADOdb/ADOdb/issues/793"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ADOdb/ADOdb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ADOdb/ADOdb/commit/b4d5ce70034c5aac3a1d51d317d93c037a0938d2"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ADOdb/ADOdb"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5101"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Authentication Bypass in ADOdb/ADOdb"
}

FKIE_CVE-2021-3850

Vulnerability from fkie_nvd - Published: 2022-01-25 15:15 - Updated: 2024-11-21 06:22

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Summary

Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.

References

URL	Tags
security@huntr.dev	https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29	Patch, Third Party Advisory
security@huntr.dev	https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c	Exploit, Issue Tracking, Patch, Third Party Advisory
security@huntr.dev	https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html	Mailing List, Third Party Advisory
security@huntr.dev	https://www.debian.org/security/2022/dsa-5101	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c	Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2022/dsa-5101	Third Party Advisory

Impacted products

	Vendor	Product	Version
	adodb_project	adodb	*
	debian	debian_linux	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adodb_project:adodb:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD9D707E-EF89-4981-86D5-B714E8743B3B",
              "versionEndIncluding": "5.20.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21."
    },
    {
      "lang": "es",
      "value": "Una Omisi\u00f3n de Autenticaci\u00f3n por Debilidad Primaria en el repositorio de GitHub adodb/adodb versiones anteriores a 5.20.21"
    }
  ],
  "id": "CVE-2021-3850",
  "lastModified": "2024-11-21T06:22:39.053",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "security@huntr.dev",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-01-25T15:15:08.013",
  "references": [
    {
      "source": "security@huntr.dev",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29"
    },
    {
      "source": "security@huntr.dev",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
    },
    {
      "source": "security@huntr.dev",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html"
    },
    {
      "source": "security@huntr.dev",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5101"
    }
  ],
  "sourceIdentifier": "security@huntr.dev",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-305"
        }
      ],
      "source": "security@huntr.dev",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2021-3850

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.

Aliases

CVE-2021-3850

Aliases

CVE-2021-3850

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-3850",
    "description": "Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.",
    "id": "GSD-2021-3850",
    "references": [
      "https://advisories.mageia.org/CVE-2021-3850.html",
      "https://www.debian.org/security/2022/dsa-5101"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-3850"
      ],
      "details": "Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.",
      "id": "GSD-2021-3850",
      "modified": "2023-12-13T01:23:35.085755Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@huntr.dev",
        "ID": "CVE-2021-3850",
        "STATE": "PUBLIC",
        "TITLE": "Authentication Bypass by Primary Weakness in adodb/adodb"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "adodb/adodb",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "5.20.21"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "adodb"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-305 Authentication Bypass by Primary Weakness"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c",
            "refsource": "CONFIRM",
            "url": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
          },
          {
            "name": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29",
            "refsource": "MISC",
            "url": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29"
          },
          {
            "name": "[debian-lts-announce] 20220206 [SECURITY] [DLA 2912-1] libphp-adodb security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html"
          },
          {
            "name": "DSA-5101",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2022/dsa-5101"
          }
        ]
      },
      "source": {
        "advisory": "bdf5f216-4499-4225-a737-b28bc6f5801c",
        "discovery": "EXTERNAL"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c=5.20.21",
          "affected_versions": "All versions up to 5.20.21",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-287",
            "CWE-937"
          ],
          "date": "2022-10-27",
          "description": "Authentication Bypass by Primary Weakness exists in adodb/adodb.",
          "fixed_versions": [
            "5.21.0"
          ],
          "identifier": "CVE-2021-3850",
          "identifiers": [
            "CVE-2021-3850"
          ],
          "not_impacted": "All versions after 5.20.21",
          "package_slug": "packagist/adodb/adodb-php",
          "pubdate": "2022-01-25",
          "solution": "Upgrade to version 5.21.0 or above.",
          "title": "Authentication Bypass by Primary Weakness",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-3850",
            "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29",
            "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
          ],
          "uuid": "2e0b651c-5699-4704-8563-f8671482e7ca"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:adodb_project:adodb:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.20.21",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2021-3850"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/adodb/adodb/commit/952de6c4273d9b1e91c2b838044f8c2111150c29"
            },
            {
              "name": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://huntr.dev/bounties/bdf5f216-4499-4225-a737-b28bc6f5801c"
            },
            {
              "name": "[debian-lts-announce] 20220206 [SECURITY] [DLA 2912-1] libphp-adodb security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00006.html"
            },
            {
              "name": "DSA-5101",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5101"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2022-10-27T11:45Z",
      "publishedDate": "2022-01-25T15:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-3850 (GCVE-0-2021-3850)

GHSA-65MJ-7C86-79JF

Impact

Patches

Workarounds

Credits

References

For more information

FKIE_CVE-2021-3850

GSD-2021-3850

Tags

Sightings

Nomenclature