CVE-2024-24213 - OpenCVE

Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor's position is that this is an intended feature; also, it exists in the Supabase dashboard product, not the Supabase PostgreSQL product. Specifically, /pg_meta/default/query is for SQL queries that are entered in an intended UI by an authorized user. Nothing is injected.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Supabase	Postgres

Configuration 1 [-]

cpe:2.3:a:supabase:postgres:15.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://app.flows.sh:8443/project/default%2C
https://github.com/940198871/Vulnerability-details/blob/main/CVE-2024-24213
https://postfixadmin.ballardini.com.ar:8443/project/default/logs/explorer.
https://reference1.example.com/project/default/logs/explorer%2C
https://supabase.com/docs/guides/database/overview#the-sql-editor

History

Wed, 21 Aug 2024 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Supabase Supabase postgres
CPEs	cpe:2.3:a:postgresql:postgresql:15.1:::::::*	cpe:2.3:a:supabase:postgres:15.1:::::::*
Vendors & Products	Postgresql Postgresql postgresql	Supabase Supabase postgres

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-02-08T00:00:00

Updated: 2024-08-19T19:55:59.420Z

Reserved: 2024-01-25T00:00:00

Link: CVE-2024-24213

Vulnrichment

Updated: 2024-08-01T23:19:51.989Z

NVD

Status : Analyzed

Published: 2024-02-08T18:15:08.237

Modified: 2024-08-21T18:06:24.633

Link: CVE-2024-24213

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-24213", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-19T19:55:59.420Z", "dateReserved": "2024-01-25T00:00:00", "datePublished": "2024-02-08T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-05T01:15:47.086202"}, "descriptions": [{"lang": "en", "value": "Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor's position is that this is an intended feature; also, it exists in the Supabase dashboard product, not the Supabase PostgreSQL product. Specifically, /pg_meta/default/query is for SQL queries that are entered in an intended UI by an authorized user. Nothing is injected."}], "tags": ["disputed"], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://app.flows.sh:8443/project/default%2C"}, {"url": "https://reference1.example.com/project/default/logs/explorer%2C"}, {"url": "https://postfixadmin.ballardini.com.ar:8443/project/default/logs/explorer."}, {"url": "https://github.com/940198871/Vulnerability-details/blob/main/CVE-2024-24213"}, {"url": "https://supabase.com/docs/guides/database/overview#the-sql-editor"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:19:51.989Z"}, "title": "CVE Program Container", "references": [{"url": "https://app.flows.sh:8443/project/default%2C", "tags": ["x_transferred"]}, {"url": "https://reference1.example.com/project/default/logs/explorer%2C", "tags": ["x_transferred"]}, {"url": "https://postfixadmin.ballardini.com.ar:8443/project/default/logs/explorer.", "tags": ["x_transferred"]}, {"url": "https://github.com/940198871/Vulnerability-details/blob/main/CVE-2024-24213", "tags": ["x_transferred"]}, {"url": "https://supabase.com/docs/guides/database/overview#the-sql-editor", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-89", "lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "affected": [{"vendor": "postgresql", "product": "postgresql", "cpes": ["cpe:2.3:a:postgresql:postgresql:15.1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "15.1", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-19T19:54:51.515234Z", "id": "CVE-2024-24213", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-19T19:55:59.420Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://app.flows.sh:8443/project/default%2C", "tags": ["x_transferred"]}, {"url": "https://reference1.example.com/project/default/logs/explorer%2C", "tags": ["x_transferred"]}, {"url": "https://postfixadmin.ballardini.com.ar:8443/project/default/logs/explorer.", "tags": ["x_transferred"]}, {"url": "https://github.com/940198871/Vulnerability-details/blob/main/CVE-2024-24213", "tags": ["x_transferred"]}, {"url": "https://supabase.com/docs/guides/database/overview#the-sql-editor", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:19:51.989Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-24213", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-19T19:54:51.515234Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:postgresql:postgresql:15.1:*:*:*:*:*:*:*"], "vendor": "postgresql", "product": "postgresql", "versions": [{"status": "affected", "version": "15.1"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-19T19:55:54.788Z"}}], "cna": {"tags": ["disputed"], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://app.flows.sh:8443/project/default%2C"}, {"url": "https://reference1.example.com/project/default/logs/explorer%2C"}, {"url": "https://postfixadmin.ballardini.com.ar:8443/project/default/logs/explorer."}, {"url": "https://github.com/940198871/Vulnerability-details/blob/main/CVE-2024-24213"}, {"url": "https://supabase.com/docs/guides/database/overview#the-sql-editor"}], "descriptions": [{"lang": "en", "value": "Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor's position is that this is an intended feature; also, it exists in the Supabase dashboard product, not the Supabase PostgreSQL product. Specifically, /pg_meta/default/query is for SQL queries that are entered in an intended UI by an authorized user. Nothing is injected."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-05T01:15:47.086202"}}}, "cveMetadata": {"cveId": "CVE-2024-24213", "state": "PUBLISHED", "dateUpdated": "2024-08-19T19:55:59.420Z", "dateReserved": "2024-01-25T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-02-08T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:supabase:postgres:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "97FF52D4-4293-47D3-A491-DAF771B9A2C5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor's position is that this is an intended feature; also, it exists in the Supabase dashboard product, not the Supabase PostgreSQL product. Specifically, /pg_meta/default/query is for SQL queries that are entered in an intended UI by an authorized user. Nothing is injected."}, {"lang": "es", "value": "Se descubri\u00f3 que Supabase PostgreSQL v15.1 contiene una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del componente /pg_meta/default/query."}], "id": "CVE-2024-24213", "lastModified": "2024-08-21T18:06:24.633", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-02-08T18:15:08.237", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://app.flows.sh:8443/project/default%2C"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/940198871/Vulnerability-details/blob/main/CVE-2024-24213"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://postfixadmin.ballardini.com.ar:8443/project/default/logs/explorer."}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://reference1.example.com/project/default/logs/explorer%2C"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://supabase.com/docs/guides/database/overview#the-sql-editor"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}