CVE-2022-31092

SQL injection in pimcore

Severity Score

8.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Pimcore is an Open Source Data & Experience Management Platform. Pimcore offers developers listing classes to make querying data easier. This listing classes also allow to order or group the results based on one or more columns which should be quoted by default. The actual issue is that quoting is not done properly in both cases, so there's the theoretical possibility to inject custom SQL if the developer is using this methods with input data and not doing proper input validation in advance and so relies on the auto-quoting being done by the listing classes. This issue has been resolved in version 10.4.4. Users are advised to upgrade or to apple the patch manually. There are no known workarounds for this issue.

Pimcore es una plataforma de administración de datos y experiencias de código abierto. Pimcore ofrece a desarrolladores clases de listado para facilitar la consulta de datos. Estas clases de listado también permiten ordenar o agrupar los resultados en base a una o más columnas que deberían ser citadas por defecto. El problema actual es que el entrecomillado no es realizado apropiadamente en ambos casos, por lo que se presenta la posibilidad teórica de inyectar SQL personalizado si el desarrollador usa estos métodos con datos de entrada y no realiza una comprobación de entrada apropiada de antemano, por lo que confía en el autocitado que realizan las clases de listado. Este problema ha sido resuelto en versión 10.4.4. Es recomendado a usuarios actualizar o aplicar el parche manualmente. No se presentan mitigaciones conocidas para este problema

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-05-18 CVE Reserved
2022-06-27 CVE Published
2024-08-03 CVE Updated
2024-08-03 First Exploit
2024-09-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC
https://github.com/pimcore/pimcore/security/advisories/GHSA-gvmf-wcx6-p974	2024-08-03

URL	Date	SRC
https://github.com/pimcore/pimcore/commit/21559c6bf0e4e828d33ff7af6e88caecb5ac6549	2022-07-08
https://github.com/pimcore/pimcore/pull/12444	2022-07-08

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Pimcore Search vendor "Pimcore"		Pimcore Search vendor "Pimcore" for product "Pimcore"				< 10.4.4 Search vendor "Pimcore" for product "Pimcore" and version " < 10.4.4"		-		Affected