CVE-2024-54447

Summary

Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in certain database tables.

Affected Software

VendorProductVersion RangeStatus
LogicalDOCLogicalDOC Community0 < 9.1affected
LogicalDOCLogicalDOC Enterprise0 < 9.1affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Workarounds

This vulnerability has been mitigated in LogicalDOC Community and Enterprise Editions version 9.1 by commit e7cd313.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References