An open API service providing security vulnerability metadata for many open source software ecosystems.


Severity: High
EPSS: 0.88728% (0.9949 percentile)

Unauthenticated SQL Injection in Cachet

Affected package: packagist:cachethq/cachet
Affected versions: <= 2.3.18
Fixed versions: No known fixed version
Dependent packages: 2
Dependent repositories: 7
Downloads total: 431

Affected Version Ranges

All affected versions

v0.1.0-alpha, v1.0.0, v1.1.0, v1.1.1, v1.2.0, v1.2.1, v2.0.0, v2.0.0-RC1, v2.0.0-RC2, v2.0.0-RC3, v2.0.0-RC4, v2.0.0-RC5, v2.0.0-beta1, v2.0.0-beta2, v2.0.1, v2.0.2, v2.0.3, v2.0.4, v2.1.0, v2.1.0-RC1, v2.1.0-RC2, v2.1.1, v2.1.2, v2.2.0, v2.2.0-RC1, v2.2.1, v2.2.2, v2.2.3, v2.2.4, v2.3.0, v2.3.0-RC1, v2.3.0-RC2, v2.3.0-RC3, v2.3.0-RC4, v2.3.0-RC5, v2.3.0-RC6, v2.3.1, v2.3.2, v2.3.3, v2.3.4, v2.3.5, v2.3.6, v2.3.7, v2.3.8, v2.3.9, v2.3.10, v2.3.11, v2.3.12, v2.3.13, v2.3.14, v2.3.15, v2.3.16, v2.3.17, v2.3.18

Impact

In Cachet versions through 2.3.18, there is a SQL injection in SearchableTrait#scopeSearch(). Unauthenticated attackers can use this vulnerability to exfiltrate sensitive data from the database, such as the administrator's password and session.
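The advisory places the flaw in a search scope that turns a request-controlled array into a WHERE clause. The following is an added illustration of that bug class, not Cachet's own code: a small Python/sqlite3 model in which the vulnerable builder uses the array's keys as column identifiers unchecked, while the hardened builder accepts only keys from an allowlist of searchable columns (the `SEARCHABLE` set, the table and rows are constructed for the example) and binds values as parameters.

```python
import sqlite3

# Constructed sample table standing in for an application database.
SAMPLE_ROWS = [
    ("alpha", "Alpha component", 1),
    ("beta", "Beta component", 2),
]

# Hypothetical allowlist playing the role of a model's searchable column list.
SEARCHABLE = {"name", "status"}


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE components (name TEXT, description TEXT, status INTEGER)")
    conn.executemany("INSERT INTO components VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def scope_search_unsafe(search: dict) -> tuple[str, list]:
    """Vulnerable pattern: every key of the request-controlled dict is pasted
    into the SQL text as a column identifier. Values are bound, identifiers
    are not, so a crafted key is executed as raw SQL."""
    clauses = [f"{column} = ?" for column in search]
    sql = "SELECT name FROM components WHERE " + " AND ".join(clauses)
    return sql, list(search.values())


def scope_search_safe(search: dict) -> tuple[str, list]:
    """Hardened pattern: EVERY key (not merely one of them) must be on the
    allowlist before it is used as an identifier, and it is quoted; values
    stay bound parameters."""
    unknown = set(search) - SEARCHABLE
    if unknown:
        raise ValueError(f"unsearchable column(s): {sorted(unknown)}")
    clauses = [f'"{column}" = ?' for column in search]
    sql = "SELECT name FROM components WHERE " + " AND ".join(clauses)
    return sql, list(search.values())


def run(conn: sqlite3.Connection, builder, search: dict) -> list[str]:
    """Build the query with the given builder and return matching names."""
    sql, params = builder(search)
    return sorted(row[0] for row in conn.execute(sql, params))


def rejects(search: dict) -> bool:
    """True when the hardened builder refuses the request outright."""
    try:
        scope_search_safe(search)
    except ValueError:
        return True
    return False
```

With a key that is not a plain column name the unsafe builder silently widens the filter to every row, whereas the hardened builder rejects the request before any SQL is built; logging such rejections gives a cheap detection signal for probing of search endpoints.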

Patches

The original repository, https://github.com/CachetHQ/Cachet, is no longer active; both the stable release 2.3.18 and its 2.4 development branch are affected.

Update to version 2.5 or later of the https://github.com/fiveai/Cachet fork to fix this vulnerability.

References: