CVE-2022-31196
7.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
Summary
Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF) vulnerability. The SSRF is triggered by a sending a single HTTP POST request to create a databaseType. By supplying a jdbcDriverFileUrl that returns a non 200 response code, the url is executed, the response is logged (both in terminal and in database) and is included in the response. This would allow an attackers to obtain the real IP address and scan Intranet information. This issue was fixed in version 1.0.7.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| vran-dev | databasir | < 1.0.7 | affected |
Weaknesses
- CWE-918: CWE-918: Server-Side Request Forgery (SSRF)
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/vran-dev/databasir/security/advisories/GHSA-qvg8-427f-852q
- https://github.com/vran-dev/databasir/commit/226c20e0c9124037671a91d6b3e5083bd2462058
- https://github.com/vran-dev/databasir/releases/tag/v1.0.7
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
References
- https://github.com/vran-dev/databasir/security/advisories/GHSA-qvg8-427f-852q
- https://github.com/vran-dev/databasir/commit/226c20e0c9124037671a91d6b3e5083bd2462058
- https://github.com/vran-dev/databasir/releases/tag/v1.0.7
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.