github - ghsa-wwc5-p8v7-jw92

GHSA-WWC5-P8V7-JW92

Vulnerability from github – Published: 2024-11-21 21:33 – Updated: 2024-11-21 21:33

Details

Multiple endpoints in oracle-sidecar in versions 0.347.0 to 0.543.0 were found to be vulnerable to SQL injections.

Severity ?

6.8 (Medium)


                  
                    CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-49588"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-21T20:15:42Z",
    "severity": "MODERATE"
  },
  "details": "Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable to SQL injections.",
  "id": "GHSA-wwc5-p8v7-jw92",
  "modified": "2024-11-21T21:33:32Z",
  "published": "2024-11-21T21:33:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49588"
    },
    {
      "type": "WEB",
      "url": "https://cwe.mitre.org/data/definitions/89.html"
    },
    {
      "type": "WEB",
      "url": "https://palantir.safebase.us/?tcuUid=b5724367-8b86-436a-8ef2-4480ec41cc2c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2024-49588 (GCVE-0-2024-49588)

Vulnerability from cvelistv5 – Published: 2024-11-21 19:59 – Updated: 2024-11-27 16:13

Summary

Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable to SQL injections.

Severity ?

6.8 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/MAV:A/MAC:L/MPR:H/MUI:R/MS:U

CWE

CWE-89 - The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

Assigner

Palantir

References

URL

Tags

	https://palantir.safebase.us/?tcuUid=b5724367-8b8…
	https://cwe.mitre.org/data/definitions/89.html

Impacted products

	Vendor	Product	Version
	Palantir	com.palantir.srx.prometheus.sls-oracle-sidecar:sls-oracle-sidecar	Affected: * , < 0.544.0 (semver) Affected: 0.347.0 , < * (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:oracle:oracle-sidecar:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "oracle-sidecar",
            "vendor": "oracle",
            "versions": [
              {
                "lessThan": "0.544.0",
                "status": "affected",
                "version": "0.347.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-49588",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-27T15:36:09.668611Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-27T16:13:10.426Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "com.palantir.srx.prometheus.sls-oracle-sidecar:sls-oracle-sidecar",
          "vendor": "Palantir",
          "versions": [
            {
              "lessThan": "0.544.0",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            },
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0.347.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable to SQL injections."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-66",
          "descriptions": [
            {
              "lang": "en",
              "value": "This attack exploits target software that constructs SQL statements based on user input. An attacker crafts input strings so that when the target software constructs SQL statements based on the input, the resulting SQL statement performs actions other than those the application intended. SQL Injection results from failure of the application to appropriately validate input."
            }
          ]
        },
        {
          "capecId": "CAPEC-108",
          "descriptions": [
            {
              "lang": "en",
              "value": "An attacker uses standard SQL injection methods to inject data into the command line for execution. This could be done directly through misuse of directives such as MSSQL_xp_cmdshell or indirectly through injection of data into the database that would be interpreted as shell commands. Sometime later, an unscrupulous backend application (or could be part of the functionality of the same application) fetches the injected data stored in the database and uses this data as command line arguments without performing proper validation. The malicious data escapes that data plane by spawning new commands to be executed on the host."
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/MAV:A/MAC:L/MPR:H/MUI:R/MS:U",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-21T19:59:45.456Z",
        "orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
        "shortName": "Palantir"
      },
      "references": [
        {
          "url": "https://palantir.safebase.us/?tcuUid=b5724367-8b86-436a-8ef2-4480ec41cc2c"
        },
        {
          "url": "https://cwe.mitre.org/data/definitions/89.html"
        }
      ],
      "source": {
        "defect": [
          "PLTRSEC-2024-46"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Multiple authenticated SQL injections in oracle-sidecar"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
    "assignerShortName": "Palantir",
    "cveId": "CVE-2024-49588",
    "datePublished": "2024-11-21T19:59:45.456Z",
    "dateReserved": "2024-10-16T19:09:45.689Z",
    "dateUpdated": "2024-11-27T16:13:10.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-WWC5-P8V7-JW92

CVE-2024-49588 (GCVE-0-2024-49588)

Tags

Sightings

Nomenclature