We are reliable, trustworthy, and ready for challenges! Hire Us
MISP – Blind SQL injection in order parameter
- Home
- Advisories
- MISP – Blind SQL injection in order parameter
DATE
07.09.2023
Affected Vendor
CIRCL – Computer Incident Response Center Luxembourg
Affected Product
MISP – Malware Information Sharing Platform & Open Standards For Threat Information Sharing – https://www.misp-project.org/
Vulnerable version
2.4.175
Fixed version
2.4.176
CVSS
Recommendations
Upgrade to the recent MISP version
Vulnerability details
MISP is vulnerable to blind SQL injection.
The order named parameter in some areas of the application is injected into an SQL query without a proper escape. This vulnerability allows to extract various information from the database including password hashes, API keys, and other.
The exploitation of this vulnerability can be detected by examining the /var/www/MISP/app/tmp/logs/error.log
file. The following grep command can be used to look for exploitations that use sqlmap
:
grep -E '[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2} Error: \[PDOException\] SQLSTATE\[21000\]: Cardinality violation: 1242 Subquery returns more than 1 row' /var/www/MISP/app/tmp/logs/error.log
CVE
CVE-2023-48656
Credits
Dawid Czarnecki
References
- https://github.com/MISP/MISP/compare/v2.4.175…v2.4.176https://github.com/MISP/MISP/commit/d6ad402b31547c95280a6d8320f8f8
- https://github.com/MISP/MISP/commit/d6ad402b31547c95280a6d8320f8f87a8f609074
- https://cvepremium.circl.lu/cve/CVE-2023-48656
- https://github.com/MISP/MISP/compare/v2.4.175…v2.4.176
- https://github.com/MISP/MISP/commit/d6ad402b31547c95280a6d8320f8f87a8f609074
Do you think the security of your data might be lacking? Let's find the best approach together.
Once you contact us, we will ask you about the project you want to secure.