CVE-2024-54447 (GCVE-0-2024-54447)

Vulnerability from cvelistv5 – Published: 2025-03-14 17:57 – Updated: 2025-03-18 16:37
VLAI?
Summary
Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain database tables.
Severity ?
7.1 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CWE
  • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
Vendor Product Version
LogicalDOC LogicalDOC Community Affected: 0 , < 9.1 (custom)
Create a notification for this product.
Credits
Matthew Hogg
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-54447",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-17T16:21:14.037854Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-18T16:37:33.586Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "LogicalDOC Community",
          "vendor": "LogicalDOC",
          "versions": [
            {
              "lessThan": "9.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "LogicalDOC Enterprise",
          "vendor": "LogicalDOC",
          "versions": [
            {
              "lessThan": "9.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Matthew Hogg"
        }
      ],
      "datePublic": "2025-02-05T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers.\u0026nbsp;Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain database tables."
            }
          ],
          "value": "Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers.\u00a0Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain database tables."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-7",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-7 Blind SQL Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-14T18:11:54.500Z",
        "orgId": "8cad7728-009c-4a3d-a95e-ca62e6ff8a0b",
        "shortName": "BlackDuck"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.blackduck.com/blog/cyrc-advisory-logicaldoc.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Blind SQLi in Saved Search",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability has been mitigated in LogicalDOC Community and Enterprise Editions version 9.1 by commit e7cd313.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "This vulnerability has been mitigated in LogicalDOC Community and Enterprise Editions version 9.1 by commit e7cd313."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cad7728-009c-4a3d-a95e-ca62e6ff8a0b",
    "assignerShortName": "BlackDuck",
    "cveId": "CVE-2024-54447",
    "datePublished": "2025-03-14T17:57:26.356Z",
    "dateReserved": "2024-12-02T14:24:46.526Z",
    "dateUpdated": "2025-03-18T16:37:33.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-54447\",\"sourceIdentifier\":\"disclosure@synopsys.com\",\"published\":\"2025-03-14T18:15:30.487\",\"lastModified\":\"2025-03-14T18:15:30.487\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers.\u00a0Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain database tables.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n de b\u00fasqueda guardada contiene una inyecci\u00f3n SQL ciega que puede ser explotada por atacantes autenticados. Mediante una t\u00e9cnica de SQL ciega basada en el tiempo, el atacante puede divulgar todo el contenido de la base de datos. La apropiaci\u00f3n de cuentas es un posible resultado, dependiendo de la presencia o ausencia de entradas en ciertas tablas de la base de datos.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"disclosure@synopsys.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"disclosure@synopsys.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"references\":[{\"url\":\"https://www.blackduck.com/blog/cyrc-advisory-logicaldoc.html\",\"source\":\"disclosure@synopsys.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-54447\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-17T16:21:14.037854Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-17T16:21:19.041Z\"}}], \"cna\": {\"title\": \"Blind SQLi in Saved Search\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Matthew Hogg\"}], \"impacts\": [{\"capecId\": \"CAPEC-7\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-7 Blind SQL Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7.1, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"LogicalDOC\", \"product\": \"LogicalDOC Community\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"9.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"LogicalDOC\", \"product\": \"LogicalDOC Enterprise\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"9.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-02-05T17:00:00.000Z\", \"references\": [{\"url\": \"https://www.blackduck.com/blog/cyrc-advisory-logicaldoc.html\", \"tags\": [\"third-party-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"This vulnerability has been mitigated in LogicalDOC Community and Enterprise Editions version 9.1 by commit e7cd313.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eThis vulnerability has been mitigated in LogicalDOC Community and Enterprise Editions version 9.1 by commit e7cd313.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers.\\u00a0Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain database tables.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers.\u0026nbsp;Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain database tables.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-89\", \"description\": \"CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"8cad7728-009c-4a3d-a95e-ca62e6ff8a0b\", \"shortName\": \"BlackDuck\", \"dateUpdated\": \"2025-03-14T18:11:54.500Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-54447\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-18T16:37:33.586Z\", \"dateReserved\": \"2024-12-02T14:24:46.526Z\", \"assignerOrgId\": \"8cad7728-009c-4a3d-a95e-ca62e6ff8a0b\", \"datePublished\": \"2025-03-14T17:57:26.356Z\", \"assignerShortName\": \"BlackDuck\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.