CVE-2018-14623: katello SQL Injection vulnerability
CVSS Score (CVSS v3.0)
4.3
Basic Information
CVE ID
GHSA ID
EPSS Score
0.47778%
CWE
Published
5/13/2022
Updated
3/6/2023
KEV Status
No
Technology
Ruby
Technical Details
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
katello | rubygems | <= 3.10 | |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from an incomplete fix for CVE-2016-3072, which involved the scoped_search function's handling of user-controlled sorting parameters. The errata API endpoint (/katello/api/v2/errata) uses this function to build SQL queries, and manipulation of the 'sort_by' parameter leads to injection. The history of related CVEs and the error-message leakage mechanism (CWE-209) both point to insufficient input validation in the query-construction logic.