CVE-2024-1032
published 2024-01-30CVE-2024-1032: A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file…
PriorityP356critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.77%
50.8th percentile
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252307.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| byron | gitoxide | >= 0 < 0.35 | 0.35 |
| openbi_project | openbi | <= 1.0.8 | — |
| openbi_project | openbi | — | — |
| openbi_project | openbi | — | — |
| openbi_project | openbi | — | — |
| openbi_project | openbi | — | — |
| openbi_project | openbi | — | — |
| openbi_project | openbi | — | — |
| openbi_project | openbi | — | — |
| openbi_project | openbi | — | — |
| openbi_project | openbi | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
gix-transport indirect code execution via malicious username
ghsa·2024-04-15
CVE-2024-32884 [MEDIUM] CWE-77 gix-transport indirect code execution via malicious username
gix-transport indirect code execution via malicious username
### Summary
`gix-transport` does not check the username part of a URL for text that the external `ssh` program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clone URL is used by an application whose current working directory contains a malicious file, arbitrary code execution occurs.
### Details
This is related to the patched vulnerability https://github.com/advisories/GHSA-rrjw-j4m2-mf34, but appears less severe due to a greater attack complexity. Since https://github.com/Byron/gitoxide/pull/1032, `gix-transport` checks the host and path portions of a URL for text that has a `-` in a position that will cause `ssh` to int
GHSA
GHSA-5mh9-hrrq-46qr: A vulnerability classified as critical was found in openBI up to 1
ghsa_unreviewed·2024-01-30
CVE-2024-1032 [HIGH] CWE-502 GHSA-5mh9-hrrq-46qr: A vulnerability classified as critical was found in openBI up to 1
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252307.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-01-30
Published