CVE-2024-39909 - Vulnerability Details - OpenCVE

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. A time/boolean SQL Injection is present in the following resource `/api/applicationResources` via the following parameter `packageID`. As it can be seen in backend/pkg/database/id_view.go, while building the SQL Query the `fmt.Sprintf` function is used to build the query string without the input having first been subjected to any validation. This vulnerability is fixed in 2.23.1.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79
https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294
https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-12T14:34:25.230Z

Updated: 2024-08-02T04:33:11.579Z

Reserved: 2024-07-02T19:37:18.600Z

Link: CVE-2024-39909

Vulnrichment

Updated: 2024-08-02T04:33:11.579Z

NVD

Status : Awaiting Analysis

Published: 2024-07-12T15:15:11.393

Modified: 2024-11-21T09:28:32.873

Link: CVE-2024-39909

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39909", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-07-02T19:37:18.600Z", "datePublished": "2024-07-12T14:34:25.230Z", "dateUpdated": "2024-08-02T04:33:11.579Z"}, "containers": {"cna": {"title": "SQL Injection in the KubeClarity REST API", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw"}, {"name": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294", "tags": ["x_refsource_MISC"], "url": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294"}, {"name": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79", "tags": ["x_refsource_MISC"], "url": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79"}], "affected": [{"vendor": "openclarity", "product": "kubeclarity", "versions": [{"version": "< 2.23.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-12T14:34:25.230Z"}, "descriptions": [{"lang": "en", "value": "KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. A time/boolean SQL Injection is present in the following resource `/api/applicationResources` via the following parameter `packageID`. As it can be seen in backend/pkg/database/id_view.go, while building the SQL Query the `fmt.Sprintf` function is used to build the query string without the input having first been subjected to any validation. This vulnerability is fixed in 2.23.1."}], "source": {"advisory": "GHSA-5248-h45p-9pgw", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "openclarity", "product": "kubeclarity", "cpes": ["cpe:2.3:a:openclarity:kubeclarity:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2.23.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-12T15:50:47.905358Z", "id": "CVE-2024-39909", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-12T18:04:01.688Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.579Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw"}, {"name": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294"}, {"name": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw", "name": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294", "name": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79", "name": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:33:11.579Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39909", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-12T15:50:47.905358Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:openclarity:kubeclarity:*:*:*:*:*:*:*:*"], "vendor": "openclarity", "product": "kubeclarity", "versions": [{"status": "affected", "version": "0", "lessThan": "2.23.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-12T15:57:08.394Z"}}], "cna": {"title": "SQL Injection in the KubeClarity REST API", "source": {"advisory": "GHSA-5248-h45p-9pgw", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "openclarity", "product": "kubeclarity", "versions": [{"status": "affected", "version": "< 2.23.1"}]}], "references": [{"url": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw", "name": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294", "name": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79", "name": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. A time/boolean SQL Injection is present in the following resource `/api/applicationResources` via the following parameter `packageID`. As it can be seen in backend/pkg/database/id_view.go, while building the SQL Query the `fmt.Sprintf` function is used to build the query string without the input having first been subjected to any validation. This vulnerability is fixed in 2.23.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-12T14:34:25.230Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39909", "state": "PUBLISHED", "dateUpdated": "2024-08-02T04:33:11.579Z", "dateReserved": "2024-07-02T19:37:18.600Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-12T14:34:25.230Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. A time/boolean SQL Injection is present in the following resource `/api/applicationResources` via the following parameter `packageID`. As it can be seen in backend/pkg/database/id_view.go, while building the SQL Query the `fmt.Sprintf` function is used to build the query string without the input having first been subjected to any validation. This vulnerability is fixed in 2.23.1."}, {"lang": "es", "value": "KubeClarity es una herramienta para la detecci\u00f3n y gesti\u00f3n de listas de materiales de software (SBOM) y vulnerabilidades de im\u00e1genes de contenedores y sistemas de archivos. Una inyecci\u00f3n SQL booleana/hora est\u00e1 presente en el siguiente recurso `/api/applicationResources` a trav\u00e9s del siguiente par\u00e1metro `packageID`. Como se puede ver en backend/pkg/database/id_view.go, mientras se construye la consulta SQL, la funci\u00f3n `fmt.Sprintf` se utiliza para construir la cadena de consulta sin que la entrada haya sido sometida primero a ninguna validaci\u00f3n. Esta vulnerabilidad se solucion\u00f3 en 2.23.1."}], "id": "CVE-2024-39909", "lastModified": "2024-11-21T09:28:32.873", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-07-12T15:15:11.393", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79"}, {"source": "security-advisories@github.com", "url": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294"}, {"source": "security-advisories@github.com", "url": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security-advisories@github.com", "type": "Secondary"}]}