CVE-2021-38481 - Vulnerability Details - OpenCVE

Description

The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string.

Published: 2021-10-22

Score: 8.1 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

AUVESY

Versiondog

affected

Version	Status	Constraints
`All`	affected	≤ 8.0

Configuration 1 [-]

cpe:2.3:a:auvesy:versiondog:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

AUVESY recommends upgrading Versiondog to Version 8.1 or later (login required).

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2021-24933	The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00243.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01

History

Mon, 16 Sep 2024 23:00:00 +0000

Type	Values Removed	Values Added
Title	AUVESY Versiondog	AUVESY Versiondog

Subscriptions

Auvesy Versiondog

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2021-10-22T11:22:32.687Z

Updated: 2024-09-16T22:46:06.579Z

Reserved: 2021-08-10T00:00:00.000Z

Link: CVE-2021-38481

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-10-22T12:15:09.003

Modified: 2024-11-21T06:17:12.550

Link: CVE-2021-38481

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-89

{"containers": {"cna": {"affected": [{"product": "Versiondog", "vendor": "AUVESY", "versions": [{"lessThanOrEqual": "8.0", "status": "affected", "version": "All", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Amir Preminger of Claroty reported these vulnerabilities to CISA."}], "datePublic": "2021-08-19T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 SQL Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-22T11:22:32.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01"}], "solutions": [{"lang": "en", "value": "AUVESY recommends upgrading Versiondog to Version 8.1 or later (login required)."}], "source": {"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01", "discovery": "UNKNOWN"}, "title": "AUVESY Versiondog", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "2021-08-19T15:34:00.000Z", "ID": "CVE-2021-38481", "STATE": "PUBLIC", "TITLE": "AUVESY Versiondog"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Versiondog", "version": {"version_data": [{"version_affected": "<=", "version_name": "All", "version_value": "8.0"}]}}]}, "vendor_name": "AUVESY"}]}}, "credit": [{"lang": "eng", "value": "Amir Preminger of Claroty reported these vulnerabilities to CISA."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-89 SQL Injection"}]}]}, "references": {"reference_data": [{"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01", "refsource": "CONFIRM", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01"}]}, "solution": [{"lang": "en", "value": "AUVESY recommends upgrading Versiondog to Version 8.1 or later (login required)."}], "source": {"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:44:22.488Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2021-38481", "datePublished": "2021-10-22T11:22:32.687Z", "dateReserved": "2021-08-10T00:00:00.000Z", "dateUpdated": "2024-09-16T22:46:06.579Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:auvesy:versiondog:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBF7C4F8-6B57-48B0-AE9D-DB2BFF4486B8", "versionEndIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The scheduler service running on a specific TCP port enables the user to start and stop jobs. There is no sanitation of the supplied JOB ID provided to the function. An attacker may send a malicious payload that can enable the user to execute another SQL expression by sending a specific string."}, {"lang": "es", "value": "El servicio de programaci\u00f3n que se ejecuta en un puerto TCP espec\u00edfico permite al usuario iniciar y detener trabajos. No se presenta saneo del ID de JOB suministrado a la funci\u00f3n. Un atacante puede enviar una carga \u00fatil maliciosa que puede permitir al usuario ejecutar otra expresi\u00f3n SQL mediante el env\u00edo de una cadena espec\u00edfica"}], "id": "CVE-2021-38481", "lastModified": "2024-11-21T06:17:12.550", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-10-22T12:15:09.003", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}