Vulnerability CVE-2022-24407

Vulnerability Name:

CVE-2022-24407 (CCN-220223)

Assigned:

2022-02-22

Published:

2022-02-22

Updated:

2022-11-07

Summary:

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.

CVSS v3 Severity:

8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
8.4 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
8.4 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

8.8 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
8.4 High (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-89

Vulnerability Consequences:

Data Manipulation

References:

Source: MITRE
Type: CNA
CVE-2022-24407

Source: MLIST
Type: Mailing List, Patch, Third Party Advisory
[oss-security] 20220223 Fwd: Cyrus-SASL 2.1.28 released [fixes CVE-2022-24407 & CVE-2019-19906]

Source: XF
Type: UNKNOWN
cyrussasl-cve202224407-sql-injection(220223)

Source: CONFIRM
Type: Release Notes, Third Party Advisory
https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20220306 [SECURITY] [DLA 2931-1] cyrus-sasl2 security update

Source: FEDORA
Type: Issue Tracking, Third Party Advisory
FEDORA-2022-e33e824d37

Source: FEDORA
Type: Issue Tracking, Third Party Advisory
FEDORA-2022-8cc64f73d0

Source: FEDORA
Type: Issue Tracking, Third Party Advisory
FEDORA-2022-f9642fab70

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20221007-0003/

Source: CCN
Type: Cyrus IMAP web site
Cyrus SASL

Source: MISC
Type: Release Notes, Vendor Advisory
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28

Source: DEBIAN
Type: Third Party Advisory
DSA-5087

Source: CCN
Type: IBM Security Bulletin 6575483 (Watson Speech Services Cartridge for Cloud Pak for Data)
A Cyrus SASL vulnerability affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2022-24407)

Source: CCN
Type: IBM Security Bulletin 6601933 (QRadar Network Security)
IBM QRadar Network Security is affected by Vulnerability in Cyrus SASL.(CVE-2022-24407)

Source: CCN
Type: IBM Security Bulletin 6605875 (Security Access Manager Appliance)
Security Vulnerabilities have been fixed in IBM Security Access Manager appliance (CVE-2022-24407, CVE-2020-25709, CVE-2020-25710)

Source: CCN
Type: IBM Security Bulletin 6614449 (Robotic Process Automation for Cloud Pak)
Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Source: CCN
Type: IBM Security Bulletin 6614725 (QRadar SIEM)
IBM QRadar SIEM includes components with multiple known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6838291 (Cloud Pak for Security)
IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Source: CCN
Type: Oracle CPUJul2022
Oracle Critical Patch Update Advisory - July 2022

Source: N/A
Type: Patch, Third Party Advisory
N/A

Source: CCN
Type: SUSE Web site
CVE-2022-24407 | SUSE

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2022-24407

Vulnerable Configuration:

Configuration 1:

cpe:/a:cyrusimap:cyrus-sasl:*:*:*:*:*:*:*:* (Version >= 2.1.17 and <= 2.1.27)

Configuration 2:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*

OR cpe:/a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 10:

cpe:/o:redhat:rhel_els:6:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:cyrus:sasl:2.1.17:*:*:*:*:*:*:*

OR cpe:/a:cyrusimap:cyrus-sasl:2.1.27:*:*:*:*:*:*:*

OR cpe:/a:carnegie_mellon_university:cyrus-sasl:2.1.26:*:*:*:*:*:*:*

OR cpe:/a:carnegie_mellon_university:cyrus-sasl:2.1.25:*:*:*:*:*:*:*

OR cpe:/a:carnegie_mellon_university:cyrus-sasl:2.1.24:rc1:*:*:*:*:*:*

OR cpe:/a:carnegie_mellon_university:cyrus-sasl:2.1.23:*:*:*:*:*:*:*

OR cpe:/a:carnegie_mellon_university:cyrus-sasl:2.1.22:*:*:*:*:*:*:*

OR cpe:/a:carnegie_mellon_university:cyrus-sasl:2.1.21:*:*:*:*:*:*:*

OR cpe:/a:cyrus:sasl:2.1.20:*:*:*:*:*:*:*

OR cpe:/a:cyrus:sasl:2.1.19:*:*:*:*:*:*:*

OR cpe:/a:cyrus:sasl:2.1.18:*:*:*:*:*:*:*

AND

cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_network_security:5.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_network_security:5.5.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager_appliance_firmware:9.0.7.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_access_manager:9.0.7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7477	P	cyrus-sasl-2.1.28-150500.1.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7861	P	nvidia-container-toolkit-1.11.0-150200.5.6.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8076	P	cyrus-sasl-bdb-2.1.28-150500.1.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3470	P	dbus-1-1.8.22-9.38 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3435	P	at-3.1.14-8.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95065	P	cyrus-sasl-bdb-2.1.27-150300.4.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2903	P	cyrus-sasl-2.1.27-150300.4.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95100	P	cyrus-sasl-bdb-devel-2.1.27-150300.4.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94533	P	cyrus-sasl-2.1.27-150300.4.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2904	P	cyrus-sasl-saslauthd-2.1.27-150300.4.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94534	P	cyrus-sasl-saslauthd-2.1.27-150300.4.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:42434	P	Security update for cyrus-sasl (Important)	2022-04-13
oval:com.redhat.rhsa:def:20220780	P	RHSA-2022:0780: cyrus-sasl security update (Important)	2022-03-08
oval:org.opensuse.security:def:1692	P	Security update for cyrus-sasl (Important)	2022-03-07
oval:org.opensuse.security:def:100428	P	(Important)	2022-03-07
oval:org.opensuse.security:def:93637	P	(Important)	2022-03-07
oval:org.opensuse.security:def:102253	P	Security update for cyrus-sasl (Important)	2022-03-07
oval:org.opensuse.security:def:99495	P	(Important)	2022-03-07
oval:org.opensuse.security:def:94481	P	(Important)	2022-03-07
oval:org.opensuse.security:def:93168	P	(Important)	2022-03-07
oval:org.opensuse.security:def:100762	P	(Important)	2022-03-07
oval:org.opensuse.security:def:93848	P	(Important)	2022-03-07
oval:org.opensuse.security:def:963	P	Security update for cyrus-sasl (Important)	2022-03-07
oval:org.opensuse.security:def:99757	P	(Important)	2022-03-07
oval:org.opensuse.security:def:93326	P	(Important)	2022-03-07
oval:org.opensuse.security:def:101655	P	Security update for cyrus-sasl (Important)	2022-03-07
oval:org.opensuse.security:def:94060	P	(Important)	2022-03-07
oval:org.opensuse.security:def:42352	P	Security update for cyrus-sasl (Important)	2022-03-07
oval:org.opensuse.security:def:1242	P	Security update for cyrus-sasl (Important)	2022-03-07
oval:org.opensuse.security:def:100090	P	(Important)	2022-03-07
oval:org.opensuse.security:def:93486	P	(Important)	2022-03-07
oval:org.opensuse.security:def:101895	P	Security update for cyrus-sasl (Important)	2022-03-07
oval:org.opensuse.security:def:99221	P	(Important)	2022-03-07
oval:org.opensuse.security:def:94274	P	(Important)	2022-03-07
oval:org.opensuse.security:def:119124	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:125809	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:6360	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:119317	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:42202	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:126972	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:118822	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:119500	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:5359	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:127370	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:119012	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:119685	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:org.opensuse.security:def:6179	P	Security update for cyrus-sasl (Important)	2022-03-03
oval:com.redhat.rhsa:def:20220666	P	RHSA-2022:0666: cyrus-sasl security update (Important)	2022-02-24
oval:com.redhat.rhsa:def:20220658	P	RHSA-2022:0658: cyrus-sasl security update (Important)	2022-02-23

BACK