curveball a12nserver prior to 0.23.0 OAuth2 Access Token SQL injection
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.5 | $0-$5k | 0.00 |
Summary
A vulnerability labeled as critical has been found in curveball a12nserver before 0.23.0. It affects unknown code in the OAuth2 Access Token Handler component and, on deployments that use MySQL, allows SQL injection. It is tracked as CVE-2023-22494. The attack can be performed remotely. No exploit is publicly available. The affected component should be upgraded.
Details
A vulnerability classified as critical was found in curveball a12nserver. Affected is an unknown part of the OAuth2 Access Token Handler component. Manipulation with an unknown input leads to SQL injection. CWE classifies the issue as CWE-89: the product constructs all or part of an SQL command using externally influenced input from an upstream component, but does not neutralize, or incorrectly neutralizes, special elements that could modify the intended SQL command when it is sent to a downstream component. The impact is on confidentiality, integrity, and availability. The CVE record summarizes:
a12nserver is an open source lightweight OAuth2 server. Users of a12nserver that use MySQL might be vulnerable to SQL injection bugs. If you use a12nserver and MySQL, update as soon as possible. This SQL injection bug might let an attacker obtain OAuth2 Access Tokens for users unrelated to those that permitted OAuth2 clients. The knex dependency has been updated to 2.4.0 in a12nserver 0.23.0. There are no known workarounds.
The weakness was published on 01/13/2023 as advisory 1227, which is hosted on github.com. It has been tracked as CVE-2023-22494 since 12/29/2022. Technical details are not public and no exploit is available. The MITRE ATT&CK project maps this vulnerability to technique T1505 (Server Software Component).
Upgrading to version 0.23.0 eliminates this vulnerability; the release is hosted on github.com. Applying patch f4acd7549043e6e2b8917b77a50dce0756a922cc also eliminates the problem; the bugfix is available on github.com. The recommended mitigation is upgrading to the latest version. Because the CVE summary attributes the fix to updating the knex dependency to 2.4.0, also verify that the deployed dependency tree actually resolves knex to 2.4.0 or later (for example with `npm ls knex`), since a lockfile or a vendored copy can pin an older version even after the a12nserver upgrade.
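The CWE-89 pattern described above, as an added illustration in JavaScript (the ecosystem a12nserver and knex live in). This is not a12nserver's code and does not reproduce the knex defect; the page gives no technical details of either. It shows the impact the CVE summary describes, a token lookup whose user filter is widened by an injected predicate, beside the parameterised form in which the same input stays a value. The table and column names, the sample rows and the small in-memory SQL predicate evaluator are all constructed assumptions made for this example.

```javascript
// Added example: CWE-89 in the shape the CVE summary describes. Not a12nserver
// code; table/column names, rows and the evaluator are constructed assumptions.

// Vulnerable: the caller-controlled id is spliced into the SQL text.
function buildTokenQueryUnsafe(userId) {
  return `SELECT token FROM oauth2_tokens WHERE user_id = ${userId}`;
}

// Fixed: the id travels as a binding; the SQL text is a constant. This is the
// { sql, bindings } shape parameterised query builders hand to the driver.
function buildTokenQuerySafe(userId) {
  return { sql: 'SELECT token FROM oauth2_tokens WHERE user_id = ?', bindings: [userId] };
}

// Constructed sample rows standing in for a MySQL table.
const TOKENS = [
  { user_id: 1, token: 'tok-alice' },
  { user_id: 2, token: 'tok-bob' },
  { user_id: 3, token: 'tok-carol' },
];

// Compiles a WHERE predicate (identifiers, integers, '?', '=', AND, OR, parens)
// into a row filter. '?' consumes the next binding as a VALUE, never as syntax,
// which is exactly what keeps the parameterised form safe.
function compilePredicate(text, bindings = []) {
  const tokens = text.match(/\d+|[A-Za-z_]\w*|=|\(|\)|\?/g) || [];
  if (tokens.join('') !== text.replace(/\s+/g, '')) {
    throw new Error(`cannot tokenize predicate: ${text}`);
  }
  let i = 0;
  let b = 0;
  const peek = () => tokens[i];
  const next = () => tokens[i++];
  const isKw = (t, k) => t !== undefined && t.toUpperCase() === k;

  function atom() {
    const t = next();
    if (t === undefined) throw new Error('unexpected end of predicate');
    if (t === '?') { const v = bindings[b++]; return () => v; }
    if (/^\d+$/.test(t)) { const n = Number(t); return () => n; }
    if (t === '(') { const e = orExpr(); if (next() !== ')') throw new Error('expected )'); return e; }
    if (/^[A-Za-z_]\w*$/.test(t) && !isKw(t, 'OR') && !isKw(t, 'AND')) return row => row[t];
    throw new Error(`unexpected token ${t}`);
  }
  function comparison() {
    const l = atom();
    if (next() !== '=') throw new Error('expected =');
    const r = atom();
    // MySQL-style loose comparison: '1' = 1 is true, '1 OR 1=1' = 1 is not.
    return row => String(l(row)) === String(r(row));
  }
  function andExpr() {
    let l = comparison();
    while (isKw(peek(), 'AND')) { next(); const r = comparison(); const ll = l; l = row => ll(row) && r(row); }
    return l;
  }
  function orExpr() {
    let l = andExpr();
    while (isKw(peek(), 'OR')) { next(); const r = andExpr(); const ll = l; l = row => ll(row) || r(row); }
    return l;
  }
  const pred = orExpr();
  if (i !== tokens.length) throw new Error(`trailing tokens: ${tokens.slice(i).join(' ')}`);
  return pred;
}

const QUERY_PREFIX = 'SELECT token FROM oauth2_tokens WHERE ';

// Executes the one statement shape this example uses against TOKENS and
// returns the matching tokens.
function runQuery(sql, bindings = []) {
  if (!sql.startsWith(QUERY_PREFIX)) throw new Error(`unsupported statement: ${sql}`);
  const where = compilePredicate(sql.slice(QUERY_PREFIX.length), bindings);
  return TOKENS.filter(where).map(r => r.token);
}

// Stand-alone demo: the injected tautology widens the unsafe lookup to every
// user's token; the same input bound as a parameter matches nothing.
function demo() {
  const attacker = '1 OR 1=1';
  const unsafe = runQuery(buildTokenQueryUnsafe(attacker));
  const safe = buildTokenQuerySafe(attacker);
  const bound = runQuery(safe.sql, safe.bindings);
  console.log('unsafe:', unsafe);
  console.log('parameterised:', bound);
  return { unsafe, bound };
}

demo();
```

The unsafe builder turns the input `1 OR 1=1` into a predicate that is true for every row, which is the "tokens for users unrelated to those that permitted OAuth2 clients" outcome the CVE summary warns about. The parameterised builder keeps the identical input as an opaque value, so it is compared against `user_id` and matches nothing; input validation (rejecting non-integer ids) is still worth adding on top, but it is the binding, not the validation, that removes the injection.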
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Product
Vendor: curveball
Name: a12nserver
CVSSv3
VulDB Meta Base Score: 5.6
VulDB Meta Temp Score: 5.5
VulDB Base Score: 4.7
VulDB Temp Score: 4.5
CNA Base Score (GitHub, Inc.): 6.5
Exploiting
Class: SQL injection
CWE: CWE-89 / CWE-74 / CWE-707
Physical: No
Local: No
Remote: Yes
Status: Not defined
Countermeasures
Recommended: Upgrade
Upgrade: a12nserver 0.23.0
Patch: f4acd7549043e6e2b8917b77a50dce0756a922cc
Timeline
12/29/2022 CVE-2023-22494 assigned
01/13/2023 Advisory disclosed
01/13/2023 VulDB entry created
01/13/2023 VulDB entry last updated
Sources
Advisory: 1227
Status: Confirmed
CVE: CVE-2023-22494
GCVE (CVE): GCVE-0-2023-22494
GCVE (VulDB): GCVE-100-218298
Entry
Created: 01/13/2023 20:02
Changes: 01/13/2023 20:02 (53)