Vulnerability CVE-2019-14234

Vulnerability Name:

CVE-2019-14234 (CCN-164683)

Assigned:

2019-08-01

Published:

2019-08-01

Updated:

2019-08-28

Summary:

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
9.4 Critical (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
6.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-89

Vulnerability Consequences:

Data Manipulation

References:

Source: MITRE
Type: CNA
CVE-2019-14234

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2019:1872

Source: MISC
Type: Vendor Advisory
https://docs.djangoproject.com/en/dev/releases/security/

Source: XF
Type: UNKNOWN
django-cve201914234-sql-injection(164683)

Source: MISC
Type: Mailing List, Third Party Advisory
https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2019-647f74ce51

Source: BUGTRAQ
Type: Mailing List, Third Party Advisory
20190812 [SECURITY] [DSA 4498-1] python-django security update

Source: GENTOO
Type: UNKNOWN
GLSA-202004-17

Source: CONFIRM
Type: UNKNOWN
https://security.netapp.com/advisory/ntap-20190828-0002/

Source: DEBIAN
Type: Third Party Advisory
DSA-4498

Source: CCN
Type: Django Web site
Django security releases issued: 2.2.4, 2.1.11 and 1.11.23

Source: CONFIRM
Type: Vendor Advisory
https://www.djangoproject.com/weblog/2019/aug/01/security-releases/

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-14234

Vulnerable Configuration:

Configuration 1:

cpe:/a:djangoproject:django:*:*:*:*:*:*:*:* (Version >= 1.11 and < 1.11.23)

OR cpe:/a:djangoproject:django:*:*:*:*:*:*:*:* (Version >= 2.1 and < 2.1.11)

OR cpe:/a:djangoproject:django:*:*:*:*:*:*:*:* (Version >= 2.2 and < 2.2.4)

Configuration 2:

cpe:/o:fedoraproject:fedora:30:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:djangoproject:django:2.2.3:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:2.1.10:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.11.22:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201914234	V	CVE-2019-14234	2022-05-22
oval:org.opensuse.security:def:60504	P	Security update for the Linux Kernel (Important)	2022-01-13
oval:org.opensuse.security:def:59873	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:93433	P	(Important)	2021-12-06
oval:org.opensuse.security:def:59573	P	Security update for openssh (Important)	2021-12-02
oval:org.opensuse.security:def:60425	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:58051	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:59818	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:60384	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:58013	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:61596	P	libxml2-2-2.9.7-3.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61680	P	xorg-x11-devel-7.6.1-1.16 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61595	P	libxkbcommon-devel-0.8.2-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63193	P	apache2-mod_apparmor-2.12.2-7.17.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63245	P	vsftpd-3.0.3-7.7.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61679	P	xorg-x11-7.6_1-1.22 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61619	P	patch-2.7.6-3.5 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63240	P	squid-4.4-5.3.2 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:74308	P	Security update for libaom (Important)	2021-09-09
oval:org.opensuse.security:def:63419	P	binutils-gold-2.32-7.8.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63341	P	libmariadb-devel-3.1.12-3.25.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63379	P	subversion-server-1.10.6-3.15.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63412	P	apache-commons-beanutils-1.9.4-1.68 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63483	P	libgd3-32bit-2.2.5-9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63517	P	python3-avahi-0.7-3.6.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63329	P	gnuplot-5.2.2-3.6.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63380	P	swtpm-0.5.2-1.20 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63433	P	liblcms2-2-32bit-2.9-3.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:62344	P	unzip-6.00-4.8.13 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62061	P	dhcp-4.3.5-6.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63011	P	gradle-4.4.1-1.87 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62148	P	libdmx-devel-1.1.3-1.23 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62385	P	docker-libnetwork-0.7.0.1+gitr2908_55e924b8a842-4.31.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63044	P	subversion-bash-completion-1.10.6-3.15.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62255	P	libzstd-devel-1.4.4-1.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:57939	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:62853	P	git-2.16.3-1.30 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:57454	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:57009	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:57182	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:60466	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:58082	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:60288	P	Security update for mutt (Moderate)	2021-01-22
oval:org.opensuse.security:def:61703	P	axis-1.4-11.65 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62595	P	perl-MIME-Charset-1.012.2-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62373	P	podman-1.0.1-2.20 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63146	P	davfs2-1.5.4-1.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62574	P	libpcre2-posix2-10.31-1.14 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61788	P	libXcursor-devel-1.1.15-1.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62690	P	libout123-0-1.25.10-1.38 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62397	P	bubblewrap-0.2.0-1.49 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63278	P	libosinfo-devel-1.7.1-1.52 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63055	P	python2-numpy-gnu-hpc-1.16.5-1.164 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61874	P	librrd8-1.7.0-4.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62476	P	libusbmuxd-devel-1.0.10-3.23 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63142	P	apache2-mod_nss-1.0.17-1.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62914	P	pam-devel-32bit-1.3.0-6.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62374	P	buildah-1.7.1-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:57739	P	gvim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60853	P	Security update for python-Django (Moderate)	2020-12-01
oval:org.opensuse.security:def:59201	P	Security update for wget (Important)	2020-12-01
oval:org.opensuse.security:def:63986	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:60882	P	Security update for python-Django (Important)	2020-12-01
oval:org.opensuse.security:def:59382	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:58984	P	Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:64242	P	dstat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56609	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:59936	P	Security update for postgresql96 (Important)	2020-12-01
oval:org.opensuse.security:def:60543	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60172	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:60762	P	Security update for tomcat (Moderate)	2020-12-01
oval:org.opensuse.security:def:63880	P	Security update for openwsman (Important)	2020-12-01
oval:org.opensuse.security:def:60803	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:59224	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:58132	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:58962	P	Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:64130	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:56608	P	Security update for openslp (Important)	2020-12-01
oval:org.opensuse.security:def:59392	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:58156	P	Security update for python-Django (Important)	2020-12-01
oval:org.opensuse.security:def:56771	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:57288	P	Security update for Image Magick	2020-12-01
oval:org.opensuse.security:def:60724	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:57847	P	libruby2_1-2_1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63746	P	Security update for cronie (Low)	2020-12-01
oval:org.opensuse.security:def:60593	P	Security update for ardana-monasca, ardana-spark, kafka, kafka-kit, openstack-monasca-api (Important)	2020-12-01
oval:org.opensuse.security:def:59202	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:58961	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:64088	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:59635	P	Security update for perl (Important)	2020-12-01
oval:org.opensuse.security:def:60621	P	Security update for python-Django (Important)	2020-12-01
oval:org.opensuse.security:def:59140	P	Security update for LibVNCServer (Critical)	2020-12-01
oval:org.opensuse.security:def:74182	P	Security update for rubygem-actionpack-5_1 (Important)	2020-12-01
oval:org.opensuse.security:def:56631	P	Security update for pam_pkcs11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:60125	P	Security update for xerces-c (Moderate)	2020-12-01
oval:org.opensuse.security:def:59688	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:60640	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:87985	P	Security update for python-Django1 (Important)	2019-09-09
oval:org.opensuse.security:def:88288	P	Security update for python-Django1 (Important)	2019-09-09
oval:org.opensuse.security:def:84335	P	Security update for python-Django (Important)	2019-09-02
oval:org.opensuse.security:def:83887	P	Security update for python-Django (Important)	2019-09-02
oval:org.opensuse.security:def:80791	P	Security update for python-Django (Important)	2019-08-19
oval:org.opensuse.security:def:100146	P	Security update for python-Django (Moderate)	2019-08-14
oval:com.ubuntu.bionic:def:2019142340000000	V	CVE-2019-14234 on Ubuntu 18.04 LTS (bionic) - medium.	2019-08-09
oval:com.ubuntu.xenial:def:2019142340000000	V	CVE-2019-14234 on Ubuntu 16.04 LTS (xenial) - medium.	2019-08-09
oval:com.ubuntu.disco:def:2019142340000000	V	CVE-2019-14234 on Ubuntu 19.04 (disco) - medium.	2019-08-09
oval:org.opensuse.security:def:109932	P	Security update for python-Django (Moderate)	2019-08-08

BACK