CVE-2014-2022

SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:H/Au:S/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.securitytracker.com/id/1031001
http://www.securityfocus.com/bid/70417
https://github.com/tintinweb/pub/tree/master/pocs/cve-2014-2022	Exploit
http://seclists.org/fulldisclosure/2014/Oct/56	Exploit
http://packetstormsecurity.com/files/128696/vBulletin-4.x-SQL-Injection.html	Exploit

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vbulletin:vbulletin::::::::
	cpe:2.3:a:vbulletin:vbulletin:4.2.1:::::::*
	cpe:2.3:a:vbulletin:vbulletin:4.2.0:pl2::::::

Information

Published : 2014-10-15 07:55

Updated : 2015-08-13 11:04

NVD link : CVE-2014-2022

Mitre link : CVE-2014-2022

JSON object : View

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

Products Affected

vbulletin

vbulletin

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securitytracker.com/id/1031001", "name": "1031001", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/70417", "name": "70417", "tags": [], "refsource": "BID"}, {"url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2014-2022", "name": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2014-2022", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://seclists.org/fulldisclosure/2014/Oct/56", "name": "20141013 CVE-2014-2022 - vbulletin 4.x - SQLi in breadcrumbs via xmlrpc API (post-auth)", "tags": ["Exploit"], "refsource": "FULLDISC"}, {"url": "http://packetstormsecurity.com/files/128696/vBulletin-4.x-SQL-Injection.html", "name": "http://packetstormsecurity.com/files/128696/vBulletin-4.x-SQL-Injection.html", "tags": ["Exploit"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-89"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-2022", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-10-15T14:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.2.2"}, {"cpe23Uri": "cpe:2.3:a:vbulletin:vbulletin:4.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vbulletin:vbulletin:4.2.0:pl2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2015-08-13T18:04Z"}