CVE-2014-2022

SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:H/Au:S/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://packetstormsecurity.com/files/128696/vBulletin-4.x-SQL-Injection.html	Exploit
http://seclists.org/fulldisclosure/2014/Oct/56	Exploit
http://www.securityfocus.com/bid/70417
http://www.securitytracker.com/id/1031001
https://github.com/tintinweb/pub/tree/master/pocs/cve-2014-2022	Exploit

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vbulletin:vbulletin::::::::
	cpe:2.3:a:vbulletin:vbulletin:4.2.0:pl2::::::
	cpe:2.3:a:vbulletin:vbulletin:4.2.1:::::::*

History

No history.

Information

Published : 2014-10-15 14:55

Updated : 2015-08-13 18:04

NVD link : CVE-2014-2022

Mitre link : CVE-2014-2022

CVE.ORG link : CVE-2014-2022

JSON object : View

Products Affected

vbulletin

vbulletin

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2014-2022", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-15T14:55:05.557", "references": [{"url": "http://packetstormsecurity.com/files/128696/vBulletin-4.x-SQL-Injection.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2014/Oct/56", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/70417", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1031001", "source": "cve@mitre.org"}, {"url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2014-2022", "tags": ["Exploit"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in includes/api/4/breadcrumbs_create.php in vBulletin 4.2.2, 4.2.1, 4.2.0 PL2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the conceptid argument in an xmlrpc API request."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en includes/api/4/breadcrumbs_create.php en vButellin 4.2.2, 4.2.1, 4.2.0 PL2, y anteriores permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del argumento conceptid en una petici\u00f3n API a xmlrpc."}], "lastModified": "2015-08-13T18:04:01.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8428355-3FA6-4AF5-BF44-15546E60DA43", "versionEndIncluding": "4.2.2"}, {"criteria": "cpe:2.3:a:vbulletin:vbulletin:4.2.0:pl2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EEEFB9B-A780-4FC5-B750-313735001D8C"}, {"criteria": "cpe:2.3:a:vbulletin:vbulletin:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCCAADE4-2293-4191-A198-6B17B3EC8318"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}