CVE-2019-25447 in OrientDB

Summary

by MITRE • 02/21/2026

OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that allow attackers to perform unauthorized actions by crafting malicious requests to endpoints like /database/, /command/, and /document/. Attackers can create or delete databases, modify schema classes, manage users, and create functions by sending authenticated requests without token validation, combined with reflected and stored cross-site scripting vulnerabilities in the web interface.


Analysis

by VulDB Data Team • 02/21/2026

CVE-2019-25447 affects OrientDB 3.0.17 GA Community Edition. It is a cross-site request forgery (CSRF) weakness in the HTTP interface, reachable through administrative endpoints such as /database/, /command/ and /document/. These endpoints accept state-changing requests on the strength of the caller's authentication alone: there is no per-request secret (a CSRF token) that a foreign page would be unable to supply. Because a browser attaches whatever ambient credential it holds for the OrientDB host (a session cookie or cached HTTP Basic credentials) to any request bound for that host, a page under the attacker's control can make an authenticated administrator's browser issue requests that the server cannot tell apart from legitimate ones.

The impact is amplified by the reflected and stored cross-site scripting flaws in the same web interface. CSRF on its own is blind: the forged request is sent, but its response cannot be read from the attacker's origin. Script injected into the OrientDB origin through XSS runs with that origin's privileges, can read responses, and can fetch and submit any anti-CSRF token the interface might later add, so the two weakness classes chain into a complete exploitation path. The advisory lists the operations reachable this way: creating and deleting databases, modifying schema classes, managing users and creating server-side functions, all through the victim's single authenticated session.

Operationally, the risk is full administrative control of the database rather than compromise of one record. Through the exposed endpoints an attacker can alter the schema, change access controls by adding or modifying users, and read or export data. The flaw does not bypass authentication; it borrows it, which is what makes the forged requests indistinguishable from an administrator's own. Organizations running this version face unauthorized database modification, data loss, and, because a newly created user or function persists after the victim closes the browser, a durable foothold that can be used for lateral movement within the environment.

The weakness maps to CWE-352 (Cross-Site Request Forgery). The ATT&CK references should be read loosely: an account created through a forged request is later used as a Valid Account (T1078.004 is the cloud-accounts sub-technique of that family), while T1003.001 (OS Credential Dumping: LSASS Memory) is a host-level technique that this flaw does not itself provide, since the attacker acts through the victim's browser and never executes code on the database host. Mitigation starts with upgrading to a current OrientDB release (the page does not state the fixed version). Independently of the upgrade: place the HTTP interface behind a reverse proxy that rejects state-changing requests to /database/, /command/ and /document/ whose Origin or Referer is not the interface's own origin; require a per-session CSRF token on those requests; set SameSite on the session cookie so it is not sent on cross-site POSTs; and do not expose the HTTP interface to untrusted networks. Origin checks and tokens do not stop a script already running inside the OrientDB origin, so the XSS issues must be fixed as well. Disabling web administration features that are not needed, requiring multi-factor authentication for administrative access, and periodically reassessing the application stack for the same weakness classes round out the recommendations.
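As an added example (not OrientDB's code, and not taken from the advisory), the following Python sketches the server-side check the mitigation advice calls for: a gate in front of the /database/, /command/ and /document/ endpoints that requires an acceptable Origin (or Referer) and a session-bound CSRF token on every state-changing request, and lets read-only methods through. The header and cookie names, the HMAC token scheme, the allowed origin and the sample requests are assumptions of the example; the request paths are shaped after the endpoint names in the advisory, not a verified OrientDB route table.

```python
# Added example: CSRF gate for administrative REST endpoints.
# Illustrative only; the endpoint prefixes come from the advisory, everything
# else (header/cookie names, token scheme, sample requests) is assumed here.
import hashlib
import hmac
from dataclasses import dataclass, field
from urllib.parse import urlsplit

ADMIN_PREFIXES = ("/database/", "/command/", "/document/")
SAFE_METHODS = frozenset({"GET", "HEAD", "OPTIONS"})

SECRET = b"example-only-secret"            # constructed; load from config in practice
ALLOWED_ORIGINS = frozenset({"https://orientdb.internal"})   # assumed UI origin


@dataclass
class Request:
    """Minimal view of an incoming HTTP request (constructed for the example)."""
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    cookies: dict = field(default_factory=dict)

    def header(self, name: str):
        # HTTP header names are case-insensitive.
        for key, value in self.headers.items():
            if key.lower() == name.lower():
                return value
        return None


def issue_csrf_token(session_id: str, secret: bytes) -> str:
    """Token bound to one session, so a token lifted from another session fails."""
    return hmac.new(secret, session_id.encode(), hashlib.sha256).hexdigest()


def origin_of(url: str):
    """scheme://host[:port] of a URL, or None if it has no usable origin."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}"


def csrf_decision(req: Request, allowed_origins, secret: bytes):
    """Return (allowed, reason). Only state-changing admin requests are gated."""
    if req.method.upper() in SAFE_METHODS:
        return True, "safe method"
    if not req.path.startswith(ADMIN_PREFIXES):
        return True, "not an administrative endpoint"

    # 1. Source check. Browsers set Origin on cross-site POSTs and page script
    #    cannot overwrite it; fall back to Referer, reject if neither is present.
    origin = req.header("Origin") or origin_of(req.header("Referer") or "")
    if origin is None:
        return False, "missing Origin and Referer"
    if origin not in allowed_origins:
        return False, f"cross-site origin {origin}"

    # 2. Token check. The browser attaches cookies and cached Basic-Auth
    #    credentials by itself, so being authenticated proves nothing about intent.
    session = req.cookies.get("session")
    token = req.header("X-CSRF-Token")
    if session is None or token is None:
        return False, "no session cookie or CSRF token"
    if not hmac.compare_digest(token, issue_csrf_token(session, secret)):
        return False, "CSRF token does not match session"
    return True, "ok"


def demo():
    """Run the gate over constructed requests; returns {name: (allowed, reason)}."""
    session = "s1"
    good = issue_csrf_token(session, SECRET)
    cookie = {"session": session}
    creds = {"Authorization": "Basic dXNlcjpwYXNz"}   # browser-cached credential (constructed)
    samples = {
        # forged from a page on evil.example: cookie and credentials ride along, token does not
        "forged_create_db": Request("POST", "/database/demo/plocal",
                                    {"Origin": "https://evil.example", **creds}, cookie),
        "forged_referer_only": Request("POST", "/command/demo/sql",
                                       {"Referer": "https://evil.example/csrf.html", **creds}, cookie),
        "forged_no_source": Request("DELETE", "/database/demo", dict(creds), cookie),
        "legit_command": Request("POST", "/command/demo/sql",
                                 {"Origin": "https://orientdb.internal", "X-CSRF-Token": good}, cookie),
        "same_origin_no_token": Request("POST", "/document/demo",
                                        {"Origin": "https://orientdb.internal"}, cookie),
        "stolen_token": Request("POST", "/document/demo",
                                {"Origin": "https://orientdb.internal",
                                 "X-CSRF-Token": issue_csrf_token("other", SECRET)}, cookie),
        "read_only": Request("GET", "/database/demo", {"Origin": "https://evil.example"}, cookie),
    }
    return {name: csrf_decision(r, ALLOWED_ORIGINS, SECRET) for name, r in samples.items()}


if __name__ == "__main__":
    for name, (allowed, reason) in demo().items():
        print(f"{name:22s} {'ALLOW' if allowed else 'DENY ':5s} {reason}")
```

Calling demo() shows the forged requests refused on the source check before any token is consulted, and the same-origin request without a token refused on the second check. The Origin/Referer test is the cheap first line and can live in a reverse proxy without touching the application; the token is what remains effective where the Origin header cannot be relied on. Neither check helps once script is already running inside the OrientDB origin, which is why the XSS findings in the same interface matter as much as the CSRF.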

Responsible

VulnCheck

Reservation

02/20/2026

Disclosure

02/21/2026

Moderation

accepted

CPE

ready

EPSS

0.00018

KEV

no

Activities

very low
