Vulnerabilites related to cratedb - cratedb
cve-2024-24565
Vulnerability from cvelistv5
Published
2024-01-30 16:46
Modified
2024-08-23 19:32
Severity ?
EPSS score ?
Summary
CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage. This vulnerability is patched in 5.3.9, 5.4.8, 5.5.4, and 5.6.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96 | x_refsource_CONFIRM | |
| https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:19:52.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96"
},
{
"name": "https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cratedb",
"vendor": "cratedb",
"versions": [
{
"lessThan": "5.3.9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "5.4.8",
"status": "affected",
"version": "5.4.0",
"versionType": "custom"
},
{
"lessThan": "5.5.4",
"status": "affected",
"version": "5.5.0",
"versionType": "custom"
},
{
"lessThan": "5.6.1",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24565",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-23T19:29:50.519568Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T19:32:35.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "crate",
"vendor": "crate",
"versions": [
{
"status": "affected",
"version": "\u003c 5.3.9"
},
{
"status": "affected",
"version": "\u003e= 5.4.0, \u003c 5.4.8"
},
{
"status": "affected",
"version": "\u003e= 5.5.0, \u003c 5.5.4"
},
{
"status": "affected",
"version": "\u003e= 5.6.0, \u003c 5.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage. This vulnerability is patched in 5.3.9, 5.4.8, 5.5.4, and 5.6.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-30T16:46:15.200Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96"
},
{
"name": "https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6"
}
],
"source": {
"advisory": "GHSA-475g-vj6c-xf96",
"discovery": "UNKNOWN"
},
"title": "CrateDB database has an arbitrary file read vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-24565",
"datePublished": "2024-01-30T16:46:15.200Z",
"dateReserved": "2024-01-25T15:09:40.209Z",
"dateUpdated": "2024-08-23T19:32:35.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-51982
Vulnerability from cvelistv5
Published
2024-01-30 00:00
Modified
2024-08-02 22:48
Severity ?
EPSS score ?
Summary
CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI directly using the default user identity.(https://github.com/crate/crate/issues/15231)
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:12.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/crate/crate/issues/15231"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI directly using the default user identity.(https://github.com/crate/crate/issues/15231)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-30T00:25:22.030641",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/crate/crate/issues/15231"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51982",
"datePublished": "2024-01-30T00:00:00",
"dateReserved": "2023-12-26T00:00:00",
"dateUpdated": "2024-08-02T22:48:12.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-01-30 17:15
Modified
2024-11-21 08:59
Severity ?
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage. This vulnerability is patched in 5.3.9, 5.4.8, 5.5.4, and 5.6.1.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF44B85-F769-493B-A674-7A8456A874F8",
"versionEndExcluding": "5.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64B0DBA5-7EA3-4398-ACF8-D852EFA5C744",
"versionEndExcluding": "5.4.8",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4ABD3EE-2E41-4CF6-BC26-F947BB6499E2",
"versionEndExcluding": "5.5.4",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80901C4B-6B82-40BF-BC22-DA206B95003C",
"versionEndExcluding": "5.6.1",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage. This vulnerability is patched in 5.3.9, 5.4.8, 5.5.4, and 5.6.1."
},
{
"lang": "es",
"value": "CrateDB es una base de datos SQL distribuida que simplifica el almacenamiento y an\u00e1lisis de cantidades masivas de datos en tiempo real. Hay una funci\u00f3n COPIAR DESDE en la base de datos CrateDB que se utiliza para importar datos de archivos a tablas de bases de datos. Esta funci\u00f3n tiene un defecto y los atacantes autenticados pueden utilizar la funci\u00f3n COPIAR DE para importar contenido de archivos arbitrario en tablas de bases de datos, lo que provoca una fuga de informaci\u00f3n. Esta vulnerabilidad est\u00e1 parcheada en 5.3.9, 5.4.8, 5.5.4 y 5.6.1."
}
],
"id": "CVE-2024-24565",
"lastModified": "2024-11-21T08:59:25.960",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-30T17:15:12.110",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-30 01:15
Modified
2024-11-21 08:39
Severity ?
Summary
CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI directly using the default user identity.(https://github.com/crate/crate/issues/15231)
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/crate/crate/issues/15231 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/crate/crate/issues/15231 | Exploit, Issue Tracking |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cratedb:cratedb:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA795AD-7B75-41DA-B82D-3A032DBAE7BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI directly using the default user identity.(https://github.com/crate/crate/issues/15231)"
},
{
"lang": "es",
"value": "CrateDB 5.5.1 contiene una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en el componente de la interfaz de usuario de administraci\u00f3n. Despu\u00e9s de configurar la autenticaci\u00f3n de contrase\u00f1a y_ Local_ En el caso de una direcci\u00f3n, la autenticaci\u00f3n de identidad se puede omitir configurando el encabezado de solicitud de IP de X-Real en un valor espec\u00edfico y accediendo a la interfaz de usuario del administrador directamente utilizando la identidad de usuario predeterminada. (https://github. es/crate/crate/issues/15231)"
}
],
"id": "CVE-2023-51982",
"lastModified": "2024-11-21T08:39:01.510",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-30T01:15:59.013",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/crate/crate/issues/15231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/crate/crate/issues/15231"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}