CVE Vulnerability

CVE-2022-31196

Databasir is a database metadata management platform. Databasir <= 1.06 has Server-Side Request Forgery (SSRF) vulnerability. The SSRF is triggered by a sending a **single** HTTP POST request to create a databaseType. By supplying a `jdbcDriverFileUrl` that returns a non `200` response code, the url is executed, the response is logged (both in terminal and in database) and is included in the response. This would allow an attackers to obtain the real IP address and scan Intranet information. This issue was fixed in version 1.0.7.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/vran-dev/databasir/releases/tag/v1.0.7 Release Notes Third Party Advisory
https://github.com/vran-dev/databasir/security/advisories/GHSA-qvg8-427f-852q Exploit Third Party Advisory
https://github.com/vran-dev/databasir/commit/226c20e0c9124037671a91d6b3e5083bd2462058 Patch Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:databasir:databasir:*:*:*:*:*:*:*:*
Information

Published : 2022-09-02 08:15

Updated : 2022-09-08 03:30

NVD link : CVE-2022-31196

Mitre link : CVE-2022-31196

Products Affected
No products.
CWE
CWE-918

Server-Side Request Forgery (SSRF)