{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1432", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2026-01-26T12:24:50.541Z", "datePublished": "2026-02-03T11:14:37.406Z", "dateUpdated": "2026-02-03T15:28:52.317Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Buroweb", "vendor": "T-Systems", "versions": [{"lessThan": "2505.0.13", "status": "affected", "version": "0", "versionType": "custom"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:t-systems:buroweb:*:*:*:*:*:*:*:*", "versionEndExcluding": "2505.0.13", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Iban Ruiz de Galarreta Cadenas"}], "datePublic": "2026-02-03T11:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "SQL injection vulnerability in the Buroweb platform version 2505.0.12, specifically in the 'tablon' component. This vulnerability is present in several parameters that do not correctly sanitize user input in the endpoint '/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON'. Exploiting this vulnerability could allow an attacker to execute queries on the database and gain access to confidential information."}], "value": "SQL injection vulnerability in the Buroweb platform version 2505.0.12, specifically in the 'tablon' component. This vulnerability is present in several parameters that do not correctly sanitize user input in the endpoint '/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON'. Exploiting this vulnerability could allow an attacker to execute queries on the database and gain access to confidential information."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2026-02-03T11:14:37.406Z"}, "references": [{"tags": ["patch"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-sqli-buroweb-platform"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The vulnerability has been fixed by the T-Systems team in version 2505.0.13. It is recommended to update the system software to this version or, failing that, to the latest stable version."}], "value": "The vulnerability has been fixed by the T-Systems team in version 2505.0.13. It is recommended to update the system software to this version or, failing that, to the latest stable version."}], "source": {"discovery": "EXTERNAL"}, "title": "SQL injection (SQLi) on the Buroweb platform", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-03T15:19:44.387188Z", "id": "CVE-2026-1432", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:28:52.317Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1432", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-03T15:19:44.387188Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:28:44.904Z"}}], "cna": {"title": "SQL injection (SQLi) on the Buroweb platform", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Iban Ruiz de Galarreta Cadenas"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:N/SA:L", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "T-Systems", "product": "Buroweb", "versions": [{"status": "affected", "version": "0", "lessThan": "2505.0.13", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "The vulnerability has been fixed by the T-Systems team in version 2505.0.13. It is recommended to update the system software to this version or, failing that, to the latest stable version.", "supportingMedia": [{"type": "text/html", "value": "The vulnerability has been fixed by the T-Systems team in version 2505.0.13. It is recommended to update the system software to this version or, failing that, to the latest stable version.", "base64": false}]}], "datePublic": "2026-02-03T11:00:00.000Z", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-sqli-buroweb-platform", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in the Buroweb platform version 2505.0.12, specifically in the 'tablon' component. This vulnerability is present in several parameters that do not correctly sanitize user input in the endpoint '/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON'. Exploiting this vulnerability could allow an attacker to execute queries on the database and gain access to confidential information.", "supportingMedia": [{"type": "text/html", "value": "SQL injection vulnerability in the Buroweb platform version 2505.0.12, specifically in the 'tablon' component. This vulnerability is present in several parameters that do not correctly sanitize user input in the endpoint '/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON'. Exploiting this vulnerability could allow an attacker to execute queries on the database and gain access to confidential information.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:t-systems:buroweb:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2505.0.13", "versionStartIncluding": "0"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2026-02-03T11:14:37.406Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1432", "state": "PUBLISHED", "dateUpdated": "2026-02-03T15:28:52.317Z", "dateReserved": "2026-01-26T12:24:50.541Z", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "datePublished": "2026-02-03T11:14:37.406Z", "assignerShortName": "INCIBE"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in the Buroweb platform version 2505.0.12, specifically in the 'tablon' component. This vulnerability is present in several parameters that do not correctly sanitize user input in the endpoint '/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON'. Exploiting this vulnerability could allow an attacker to execute queries on the database and gain access to confidential information."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en la plataforma Buroweb versi\u00f3n 2505.0.12, espec\u00edficamente en el componente 'tablon'. Esta vulnerabilidad est\u00e1 presente en varios par\u00e1metros que no sanean correctamente la entrada del usuario en el endpoint '/sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON'. Explotar esta vulnerabilidad podr\u00eda permitir a un atacante ejecutar consultas en la base de datos y obtener acceso a informaci\u00f3n confidencial."}], "id": "CVE-2026-1432", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cve-coordination@incibe.es", "type": "Secondary"}]}, "published": "2026-02-03T12:16:11.777", "references": [{"source": "cve-coordination@incibe.es", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-sqli-buroweb-platform"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "cve-coordination@incibe.es", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T20:09:56.031334+00:00", "value": {"mitigation_remediation": ["Upgrade the Buroweb platform to version\u202f2505.0.13 or a newer stable release as published by T\u2011Systems.", "Limit exposure of the vulnerable endpoint by applying a web\u2011application firewall rule that rejects or restricts access to /sta/CarpetaPublic/doEvent with APP_CODE=STA&PAGE_CODE=TABLON until the upgrade is completed.", "Perform a vulnerability scan or targeted penetration test against the endpoint after the upgrade to confirm that the SQL injection issue has been removed before the system is fully operational."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized Database Access via Remote SQL Injection"}, "threat_synthesis": {"affected_systems": "The affected product is T\u2011Systems Buroweb, specifically the 2505.0.12 release. It has been fixed in 2505.0.13 and any later stable release according to the vendor\u2019s advisory.", "description_and_impact": "The Buroweb platform version 2505.0.12 contains a SQL injection flaw in the \u2018tablon\u2019 component. Unsanitized parameters in the endpoint /sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON allow an attacker to embed arbitrary SQL statements. Exploiting this vulnerability could allow an adversary to execute queries on the database and gain access to confidential information.", "risk_and_exploitability": "The CVSS score of 9.3 classifies the vulnerability as Critical. However, the EPSS score is listed as <\u202f1\u202f%, indicating that exploitation attempts are currently rare at the industry level. The vulnerability is not included in CISA\u2019s KEV catalog, suggesting no known widespread exploitation yet. Based on the description, the likely attack vector is remote HTTP requests to the vulnerable endpoint, and the flaw does not appear to require authentication, which widens its attack surface."}}}}, "created": "2026-04-18T20:15:09.550645+00:00", "updated": "2026-04-18T20:15:09.550657+00:00", "vendors": []}