Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Vulnerability Spotlight: TALOS-2018-0560 - ERPNext SQL Injection Vulnerabilities

0
0

Vulnerabilities discovered by Yuri Kramar from the Cisco Security Advisor Team


Vulnerability Spotlight: TALOS-2018-0560 - ERPNext SQL Injection Vulnerabilities
Overview

Talos is disclosing multiple SQL injection vulnerabilities in the Frappe ERPNext Version 10.1.6 application. Frappe ERPNext is an open-source enterprise resource planning (ERP) cloud application. These vulnerabilities enable an attacker to bypass authentication and get unauthenticated access to sensitive data. An attacker can use a normal web browser to trigger these vulnerabilities ― no special tools are required.

Details

The vulnerabilities were assigned to the CVE IDs CVE-2018-3882 - CVE-2018-3885. An attacker can use the following parameters for SQL injection:

CVE-2018-3882 - searchfield parameter

query=erpnext.controllers.queries.


CVE-2018-3883 - employee parameter

cmd=erpnext.hr.doctype.leave_application.leave_application.

CVE-2018-3883 - sort_order parameter

cmd=erpnext.stock.dashboard.item_dashboard.

CVE-2018-3884 - sort_by parameter

cmd=erpnext.stock.dashboard.item_dashboard.

CVE-2018-3884 - start parameter

cmd=erpnext.stock.dashboard.item_dashboard.

CVE-2018-3885

cmd=frappe.desk.reportview.

More technical details can be found in the Talos vulnerability reports .

Coverage

The following Snort rules will detect exploitation attempts. Note that additional rules may be released at a future date, and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rule: 46165-46172


Vulnerability Spotlight: TALOS-2018-0560 - ERPNext SQL Injection Vulnerabilities

Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles





Latest Images