{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-45059", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-08-21T17:53:51.333Z", "datePublished": "2024-08-28T20:17:31.835Z", "dateUpdated": "2024-09-06T19:27:25.280Z"}, "containers": {"cna": {"title": "Authenticated SQL Injection in i-Educar", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "references": [{"name": "https://github.com/portabilis/i-educar/security/advisories/GHSA-2v4w-7xqr-hxmr", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/portabilis/i-educar/security/advisories/GHSA-2v4w-7xqr-hxmr"}, {"name": "https://github.com/portabilis/i-educar/commit/7824b95745fa2da6476b9901041d9c854bf52ffe", "tags": ["x_refsource_MISC"], "url": "https://github.com/portabilis/i-educar/commit/7824b95745fa2da6476b9901041d9c854bf52ffe"}, {"name": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html", "tags": ["x_refsource_MISC"], "url": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html"}, {"name": "https://portswigger.net/web-security/sql-injection", "tags": ["x_refsource_MISC"], "url": "https://portswigger.net/web-security/sql-injection"}], "affected": [{"vendor": "portabilis", "product": "i-educar", "versions": [{"version": "< 2.9", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-09-06T19:27:25.280Z"}, "descriptions": [{"lang": "en", "value": "i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 branch in the `ieducar/intranet/funcionario_vinculo_det.php` file, which creates the query by concatenating the unsanitized GET parameter `cod_func`, allowing the attacker to obtain sensitive information such as emails and password hashes. Commit 7824b95745fa2da6476b9901041d9c854bf52ffe fixes the issue."}], "source": {"advisory": "GHSA-2v4w-7xqr-hxmr", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "portabilis", "product": "i-educar", "cpes": ["cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.9", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-28T20:34:36.479183Z", "id": "CVE-2024-45059", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T20:35:01.466Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-45059", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-28T20:34:36.479183Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*"], "vendor": "portabilis", "product": "i-educar", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.9"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T20:34:58.231Z"}}], "cna": {"title": "Authenticated SQL Injection in i-Educar", "source": {"advisory": "GHSA-2v4w-7xqr-hxmr", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "portabilis", "product": "i-educar", "versions": [{"status": "affected", "version": "< 2.9"}]}], "references": [{"url": "https://github.com/portabilis/i-educar/security/advisories/GHSA-2v4w-7xqr-hxmr", "name": "https://github.com/portabilis/i-educar/security/advisories/GHSA-2v4w-7xqr-hxmr", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/portabilis/i-educar/commit/7824b95745fa2da6476b9901041d9c854bf52ffe", "name": "https://github.com/portabilis/i-educar/commit/7824b95745fa2da6476b9901041d9c854bf52ffe", "tags": ["x_refsource_MISC"]}, {"url": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html", "name": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html", "tags": ["x_refsource_MISC"]}, {"url": "https://portswigger.net/web-security/sql-injection", "name": "https://portswigger.net/web-security/sql-injection", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 branch in the `ieducar/intranet/funcionario_vinculo_det.php` file, which creates the query by concatenating the unsanitized GET parameter `cod_func`, allowing the attacker to obtain sensitive information such as emails and password hashes. Commit 7824b95745fa2da6476b9901041d9c854bf52ffe fixes the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-09-06T19:27:25.280Z"}}}, "cveMetadata": {"cveId": "CVE-2024-45059", "state": "PUBLISHED", "dateUpdated": "2024-09-06T19:27:25.280Z", "dateReserved": "2024-08-21T17:53:51.333Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-08-28T20:17:31.835Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAA7BA67-9C1B-461B-90CF-2BB79C838BAF", "versionEndIncluding": "2.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 branch in the `ieducar/intranet/funcionario_vinculo_det.php` file, which creates the query by concatenating the unsanitized GET parameter `cod_func`, allowing the attacker to obtain sensitive information such as emails and password hashes. Commit 7824b95745fa2da6476b9901041d9c854bf52ffe fixes the issue."}, {"lang": "es", "value": "i-Educar es un software de gesti\u00f3n escolar gratuito y completamente online que permite a las secretarias, profesores, coordinadores y responsables de \u00e1rea de la escuela crear una consulta SQL a partir de una concatenaci\u00f3n de un par\u00e1metro GET controlado por el usuario, lo que permite a un atacante manipular la consulta. La explotaci\u00f3n exitosa de esta falla permite a un atacante tener acceso completo y sin restricciones a la base de datos, con un usuario web con permisos m\u00ednimos. Esto puede implicar la obtenci\u00f3n de informaci\u00f3n del usuario, como correos electr\u00f3nicos, hashes de contrase\u00f1as, etc. Este problema a\u00fan no ha sido parcheado. Se recomienda a los usuarios que se pongan en contacto con el desarrollador y que coordinen un cronograma de actualizaci\u00f3n."}], "id": "CVE-2024-45059", "lastModified": "2024-09-13T20:09:19.523", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-08-28T21:15:07.473", "references": [{"source": "security-advisories@github.com", "tags": ["Technical Description"], "url": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/portabilis/i-educar/commit/7824b95745fa2da6476b9901041d9c854bf52ffe"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/portabilis/i-educar/security/advisories/GHSA-2v4w-7xqr-hxmr"}, {"source": "security-advisories@github.com", "tags": ["Technical Description"], "url": "https://portswigger.net/web-security/sql-injection"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}