nvd-json-data-feeds/CVE-2021/CVE-2021-448xx/CVE-2021-44874.json

{
  "id": "CVE-2021-44874",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2021-12-21T17:15:08.473",
  "lastModified": "2021-12-27T19:20:12.757",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The bi report module exposes direct SQL commands via POST data in order to select data for report generation. A malicious actor can use the bi report endpoint as a direct SQL prompt under the authenticated user."
    },
    {
      "lang": "es",
      "value": "Dalmark Systems Systeam versi\u00f3n 2.22.8 build 1724, es vulnerable al dise\u00f1o no Seguro en la creaci\u00f3n de informes por medio de consultas SQL. La aplicaci\u00f3n Systeam es un sistema ERP que usa una arquitectura mixta basada en la administraci\u00f3n de usuarios e inquilinos SaaS, y en la base de datos local y las contrapartes de la aplicaci\u00f3n web. El m\u00f3dulo de informes bi expone comandos SQL directos por medio de datos POST con el fin de seleccionar datos para la generaci\u00f3n de informes. Un actor malicioso puede usar el endpoint de bi report como una solicitud directa de SQL bajo el usuario autenticado"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:dalmark:systeam_enterprise_resource_planning:2.22.8:build_1724:*:*:*:*:*:*",
              "matchCriteriaId": "DA84FF69-3864-4439-B930-7E9418418F14"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.systeam.com.br/cve/insecure%20design%20-%20sql%20manipulation-en.txt",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}