OpenCVE

Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle. The user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Acquia	Mautic
Mautic	Mautic

Configuration 1 [-]

OR	cpe:2.3:a:acquia:mautic::::::::
	cpe:2.3:a:acquia:mautic::::::::

No data.

References

Link	Providers
https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94

History

Mon, 23 Sep 2024 23:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Acquia Acquia mautic
CPEs		cpe:2.3:a:acquia:mautic::::::::
Vendors & Products		Acquia Acquia mautic

Wed, 18 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mautic Mautic mautic
CPEs		cpe:2.3:a:mautic:mautic:-:::::::*
Vendors & Products		Mautic Mautic mautic
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 18 Sep 2024 15:15:00 +0000

Type	Values Removed	Values Added
Description		Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle. The user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems.
Title		SQL Injection in dynamic Reports
Weaknesses		CWE-89
References		https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94
Metrics		cvssV3_1 `{'score': 6.6, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: Mautic

Published: 2024-09-18T15:01:23.529Z

Updated: 2024-09-18T21:30:23.104Z

Reserved: 2022-02-22T20:17:36.805Z

Link: CVE-2022-25775

Vulnrichment

Updated: 2024-09-18T17:47:27.121Z

NVD

Status : Analyzed

Published: 2024-09-18T15:15:13.440

Modified: 2024-09-23T23:22:15.763

Link: CVE-2022-25775

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-25775", "assignerOrgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "state": "PUBLISHED", "assignerShortName": "Mautic", "dateReserved": "2022-02-22T20:17:36.805Z", "datePublished": "2024-09-18T15:01:23.529Z", "dateUpdated": "2024-09-18T21:30:23.104Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://packagist.org", "defaultStatus": "unaffected", "packageName": "mautic/core", "product": "Mautic", "repo": "https://github.com/mautic/mautic", "vendor": "Mautic", "versions": [{"lessThan": "< 4.4.12", "status": "affected", "version": ">= 2.14.1", "versionType": "semver"}, {"lessThan": "< 5.0.4", "status": "affected", "version": "> 5.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "a-solovev"}, {"lang": "en", "type": "remediation developer", "value": "Lenon Leite"}, {"lang": "en", "type": "remediation developer", "value": "John Linhart"}, {"lang": "en", "type": "remediation reviewer", "value": "John Linhart"}, {"lang": "en", "type": "remediation reviewer", "value": "Akivarsha Saha"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.</p><p>The user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems.</p>"}], "value": "Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.\n\nThe user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems."}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "shortName": "Mautic", "dateUpdated": "2024-09-18T21:30:23.104Z"}, "references": [{"url": "https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update to 4.4.12 or 5.0.4 or higher."}], "value": "Update to 4.4.12 or 5.0.4 or higher."}], "source": {"advisory": "GHSA-jj6w-2cqg-7p94", "discovery": "EXTERNAL"}, "title": "SQL Injection in dynamic Reports", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "mautic", "product": "mautic", "cpes": ["cpe:2.3:a:mautic:mautic:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "2.14.1", "status": "affected", "lessThan": "4.4.12", "versionType": "semver"}, {"version": "5.0.0", "status": "affected", "lessThan": "5.0.4", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-18T17:46:22.968034Z", "id": "CVE-2022-25775", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-18T17:47:36.323Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-25775", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-18T17:46:22.968034Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:mautic:mautic:-:*:*:*:*:*:*:*"], "vendor": "mautic", "product": "mautic", "versions": [{"status": "affected", "version": "2.14.1", "lessThan": "4.4.12", "versionType": "semver"}, {"status": "affected", "version": "5.0.0", "lessThan": "5.0.4", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-18T17:47:27.121Z"}}], "cna": {"title": "SQL Injection in dynamic Reports", "source": {"advisory": "GHSA-jj6w-2cqg-7p94", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "a-solovev"}, {"lang": "en", "type": "remediation developer", "value": "Lenon Leite"}, {"lang": "en", "type": "remediation developer", "value": "John Linhart"}, {"lang": "en", "type": "remediation reviewer", "value": "John Linhart"}, {"lang": "en", "type": "remediation reviewer", "value": "Akivarsha Saha"}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/mautic/mautic", "vendor": "Mautic", "product": "Mautic", "versions": [{"status": "affected", "version": ">= 2.14.1", "lessThan": "< 4.4.12", "versionType": "semver"}, {"status": "affected", "version": "> 5.0.0", "lessThan": "< 5.0.4", "versionType": "semver"}], "packageName": "mautic/core", "collectionURL": "https://packagist.org", "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update to 4.4.12 or 5.0.4 or higher.", "supportingMedia": [{"type": "text/html", "value": "Update to 4.4.12 or 5.0.4 or higher.", "base64": false}]}], "references": [{"url": "https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.\n\nThe user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems.", "supportingMedia": [{"type": "text/html", "value": "<p>Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.</p><p>The user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "shortName": "Mautic", "dateUpdated": "2024-09-18T21:30:23.104Z"}}}, "cveMetadata": {"cveId": "CVE-2022-25775", "state": "PUBLISHED", "dateUpdated": "2024-09-18T21:30:23.104Z", "dateReserved": "2022-02-22T20:17:36.805Z", "assignerOrgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "datePublished": "2024-09-18T15:01:23.529Z", "assignerShortName": "Mautic"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6C670F8-5A52-4013-BC7F-7D63F0B9EFE1", "versionEndExcluding": "4.4.12", "versionStartIncluding": "2.14.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*", "matchCriteriaId": "3123A79D-F360-44BE-85BA-34304F3E1B40", "versionEndExcluding": "5.0.4", "versionStartIncluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.\n\nThe user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems."}, {"lang": "es", "value": "Antes de la versi\u00f3n parcheada, los usuarios registrados de Mautic eran vulnerables a una vulnerabilidad de inyecci\u00f3n SQL en el paquete de informes. El usuario pod\u00eda recuperar y alterar datos como datos confidenciales, datos de inicio de sesi\u00f3n y, seg\u00fan el permiso de la base de datos, el atacante pod\u00eda manipular los sistemas de archivos."}], "id": "CVE-2022-25775", "lastModified": "2024-09-23T23:22:15.763", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "security@mautic.org", "type": "Secondary"}]}, "published": "2024-09-18T15:15:13.440", "references": [{"source": "security@mautic.org", "tags": ["Third Party Advisory"], "url": "https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94"}], "sourceIdentifier": "security@mautic.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@mautic.org", "type": "Secondary"}]}