Miggo Logo

CVE-2017-11467: OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection

9.8

CVSS Score
3.0

Basic Information

EPSS Score
0.98819%
Published
10/18/2018
Updated
2/20/2024
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
com.orientechnologies:orientdb-coremaven< 2.2.232.2.23

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from missing privilege checks during the processing of WHERE, FETCHPLAN, and ORDER BY clauses in SQL queries. These clauses are parsed and executed by OrientDB's query engine components. The identified functions are core to query execution and would logically enforce security constraints if properly implemented. Historical context from similar vulnerabilities (e.g., CWE-269) and OrientDB's architecture suggests these components would handle clause validation. While explicit patch details are unavailable, the functions' roles align with the described attack vector (crafted clauses bypassing privilege checks), warranting high confidence.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Ori*nt** t*rou** *.*.** *o*s not *n*or** privil*** r*quir*m*nts *urin* "w**r*" or "**t**pl*n" or "or**r *y" us*, w*i** *llows r*mot* *tt**k*rs to *x**ut* *r*itr*ry OS *omm*n*s vi* * *r**t** r*qu*st.

Reasoning

T** vuln*r**ility st*ms *rom missin* privil*** ****ks *urin* t** pro**ssin* o* W**R*, **T**PL*N, *n* OR**R *Y *l*us*s in SQL qu*ri*s. T**s* *l*us*s *r* p*rs** *n* *x**ut** *y Ori*nt**'s qu*ry *n*in* *ompon*nts. T** i**nti*i** *un*tions *r* *or* to qu