CVE-2021-40860 - OpenCVE

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Genesys	Intelligent Workload Distribution Manager

Configuration 1 [-]

cpe:2.3:a:genesys:intelligent_workload_distribution_manager:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://docs.genesys.com/Documentation/IWD
https://www.offensity.com/en/blog/authenticated-sql-injection-in-the-genesys-iwd-manager-cve-2021-40860-and-cve-2021-40861/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-12-08T14:45:59

Updated: 2024-08-04T02:51:07.515Z

Reserved: 2021-09-10T00:00:00

Link: CVE-2021-40860

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-12-08T15:15:10.073

Modified: 2021-12-13T15:27:48.630

Link: CVE-2021-40860

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-08T14:45:59", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://docs.genesys.com/Documentation/IWD"}, {"tags": ["x_refsource_MISC"], "url": "https://www.offensity.com/en/blog/authenticated-sql-injection-in-the-genesys-iwd-manager-cve-2021-40860-and-cve-2021-40861/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-40860", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://docs.genesys.com/Documentation/IWD", "refsource": "MISC", "url": "https://docs.genesys.com/Documentation/IWD"}, {"name": "https://www.offensity.com/en/blog/authenticated-sql-injection-in-the-genesys-iwd-manager-cve-2021-40860-and-cve-2021-40861/", "refsource": "MISC", "url": "https://www.offensity.com/en/blog/authenticated-sql-injection-in-the-genesys-iwd-manager-cve-2021-40860-and-cve-2021-40861/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T02:51:07.515Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://docs.genesys.com/Documentation/IWD"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.offensity.com/en/blog/authenticated-sql-injection-in-the-genesys-iwd-manager-cve-2021-40860-and-cve-2021-40861/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-40860", "datePublished": "2021-12-08T14:45:59", "dateReserved": "2021-09-10T00:00:00", "dateUpdated": "2024-08-04T02:51:07.515Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:genesys:intelligent_workload_distribution_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7779A7B-846C-4644-90F4-5DFDC6C5421F", "versionEndExcluding": "9.0.013.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine."}, {"lang": "es", "value": "Una inyecci\u00f3n SQL en el componente de consulta de filtro personalizado en Genesys intelligent Workload Distribution (IWD) versiones anteriores a 9.0.013.11, permite a un atacante ejecutar consultas SQL arbitrarias por medio del par\u00e1metro ql_expression, con el que pueden extraerse todos los datos de la base de datos y es posible una ejecuci\u00f3n de comandos del Sistema Operativo en funci\u00f3n de los permisos y/o del motor de la base de datos"}], "id": "CVE-2021-40860", "lastModified": "2021-12-13T15:27:48.630", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-08T15:15:10.073", "references": [{"source": "cve@mitre.org", "tags": ["Product", "Release Notes", "Vendor Advisory"], "url": "https://docs.genesys.com/Documentation/IWD"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://www.offensity.com/en/blog/authenticated-sql-injection-in-the-genesys-iwd-manager-cve-2021-40860-and-cve-2021-40861/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}