CVE-2024-55238

OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904	Exploit Third Party Advisory
https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4243	Product
https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4247	Product
https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:open-metadata:openmetadata:*:*:*:*:*:*:*:*

History

24 Apr 2025, 12:47

Type	Values Removed	Values Added
CPE		cpe:2.3:a:open-metadata:openmetadata::::::::
Summary		(es) OpenMetadata <=1.4.1 es vulnerable a la inyección SQL. Un atacante puede extraer información de la base de datos en la función listCount de la interfaz WorkflowDAO. Los parámetros workflowtype y status pueden usarse para crear una consulta SQL.
References	~~() https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904 -~~	() https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904 - Exploit, Third Party Advisory
References	~~() https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4243 -~~	() https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4243 - Product
References	~~() https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4247 -~~	() https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4247 - Product
First Time		Open-metadata Open-metadata openmetadata

17 Apr 2025, 20:21

Type	Values Removed	Values Added
CWE		CWE-89
References	~~() https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904 -~~	() https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904 -

17 Apr 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-17 16:15

Updated : 2025-04-24 12:47

NVD link : CVE-2024-55238

Mitre link : CVE-2024-55238

CVE.ORG link : CVE-2024-55238

JSON object : View

Products Affected

open-metadata

openmetadata

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

7.1 /10