CVE-2021-44599

{"id": "CVE-2021-44599", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-12-23T13:15:10.540", "references": [{"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/Online-Enrollment-Management-System", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/Online-Enrollment-Management-System", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve sensitive information for all users of this system."}, {"lang": "es", "value": "El par\u00e1metro id del sistema Online Enrollment Management System versi\u00f3n 1.0, parece ser vulnerable a ataques de inyecci\u00f3n SQL. Una carga \u00fatil dise\u00f1ada inyecta una subconsulta SQL que llama a la funci\u00f3n load_file de MySQL con una ruta de archivo UNC que hace referencia a una URL en un dominio externo. La aplicaci\u00f3n interactu\u00f3 con ese dominio, indicando que la consulta SQL inyectada fue ejecutada. El atacante puede recuperar informaci\u00f3n confidencial de todos los usuarios de este sistema"}], "lastModified": "2024-11-21T06:31:15.783", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:online_enrollment_management_system_project:online_enrollment_management_system:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "572B31C3-D2F0-4064-8367-2B697C2C093D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}