Skip to content

Improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model

High
dvesh3 published GHSA-xc9p-r5qj-8xm9 Mar 16, 2023

Package

composer pimcore/pimcore (Composer)

Affected versions

< 10.5.19

Patched versions

10.5.19

Description

Impact

The quoting is not done properly in UUID DAO model, so there's the theoretical possibility to inject custom SQL if the developer is using this methods with input data and not doing proper input validation in advance and so relies on the auto-quoting being done by the DAO class.

Patches

Update to version 10.5.19 or apply this patch manually https://github.com/pimcore/pimcore/commit/08e7ba56ae983c3c67ec563b6989b16ef8f35275.patch

Workarounds

Apply https://github.com/pimcore/pimcore/commit/08e7ba56ae983c3c67ec563b6989b16ef8f35275.patch manually.

References

#14633

Severity

High
7.9
/ 10

CVSS base metrics

Attack vector
Local
Attack complexity
Low
Privileges required
High
User interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CVE ID

CVE-2023-28108

Weaknesses