CVE-2021-44874 - OpenCVE

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The bi report module exposes direct SQL commands via POST data in order to select data for report generation. A malicious actor can use the bi report endpoint as a direct SQL prompt under the authenticated user.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dalmark	Systeam Enterprise Resource Planning

Configuration 1 [-]

cpe:2.3:a:dalmark:systeam_enterprise_resource_planning:2.22.8:build_1724:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.systeam.com.br/cve/insecure%20design%20-%20sql%20manipulation-en.txt

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-12-21T16:22:28

Updated: 2024-08-04T04:32:13.105Z

Reserved: 2021-12-13T00:00:00

Link: CVE-2021-44874

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-12-21T17:15:08.473

Modified: 2021-12-27T19:20:12.757

Link: CVE-2021-44874

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The bi report module exposes direct SQL commands via POST data in order to select data for report generation. A malicious actor can use the bi report endpoint as a direct SQL prompt under the authenticated user."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-21T16:22:28", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.systeam.com.br/cve/insecure%20design%20-%20sql%20manipulation-en.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-44874", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The bi report module exposes direct SQL commands via POST data in order to select data for report generation. A malicious actor can use the bi report endpoint as a direct SQL prompt under the authenticated user."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.systeam.com.br/cve/insecure%20design%20-%20sql%20manipulation-en.txt", "refsource": "MISC", "url": "https://www.systeam.com.br/cve/insecure%20design%20-%20sql%20manipulation-en.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:32:13.105Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.systeam.com.br/cve/insecure%20design%20-%20sql%20manipulation-en.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-44874", "datePublished": "2021-12-21T16:22:28", "dateReserved": "2021-12-13T00:00:00", "dateUpdated": "2024-08-04T04:32:13.105Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dalmark:systeam_enterprise_resource_planning:2.22.8:build_1724:*:*:*:*:*:*", "matchCriteriaId": "DA84FF69-3864-4439-B930-7E9418418F14", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via SQL query. The Systeam application is an ERP system that uses a mixed architecture based on SaaS tenant and user management, and on-premise database and web application counterparts. The bi report module exposes direct SQL commands via POST data in order to select data for report generation. A malicious actor can use the bi report endpoint as a direct SQL prompt under the authenticated user."}, {"lang": "es", "value": "Dalmark Systems Systeam versi\u00f3n 2.22.8 build 1724, es vulnerable al dise\u00f1o no Seguro en la creaci\u00f3n de informes por medio de consultas SQL. La aplicaci\u00f3n Systeam es un sistema ERP que usa una arquitectura mixta basada en la administraci\u00f3n de usuarios e inquilinos SaaS, y en la base de datos local y las contrapartes de la aplicaci\u00f3n web. El m\u00f3dulo de informes bi expone comandos SQL directos por medio de datos POST con el fin de seleccionar datos para la generaci\u00f3n de informes. Un actor malicioso puede usar el endpoint de bi report como una solicitud directa de SQL bajo el usuario autenticado"}], "id": "CVE-2021-44874", "lastModified": "2021-12-27T19:20:12.757", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-21T17:15:08.473", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.systeam.com.br/cve/insecure%20design%20-%20sql%20manipulation-en.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}