CVE-2024-7009 - Vulnerability Details - OpenCVE

Description

Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.

Published: 2024-08-06

Score: 4.2 Medium

EPSS: 8.4% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Calibre

Calibre

unaffected

Version	Status	Constraints
`7.15.0`	affected	—

Configuration 1 [-]

cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-48030	Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.08423.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7
https://starlabs.sg/advisories/24/24-7009/

History

Mon, 19 Aug 2024 17:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Calibre-ebook Calibre-ebook calibre
CPEs		cpe:2.3:a:calibre-ebook:calibre::::::::
Vendors & Products		Calibre-ebook Calibre-ebook calibre

Subscriptions

Calibre-ebook Calibre

Kovidgoyal Calibre

MITRE

Status: PUBLISHED

Assigner: STAR_Labs

Published: 2024-08-06T03:40:33.075Z

Updated: 2024-08-06T13:37:59.031Z

Reserved: 2024-07-23T03:50:21.540Z

Link: CVE-2024-7009

Vulnrichment

Updated: 2024-08-06T13:37:48.715Z

NVD

Status : Analyzed

Published: 2024-08-06T04:16:47.040

Modified: 2024-08-19T17:18:50.290

Link: CVE-2024-7009

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-89

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7009", "assignerOrgId": "b1571b85-cbc9-431f-830b-0c8155323a69", "state": "PUBLISHED", "assignerShortName": "STAR_Labs", "dateReserved": "2024-07-23T03:50:21.540Z", "datePublished": "2024-08-06T03:40:33.075Z", "dateUpdated": "2024-08-06T13:37:59.031Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Calibre", "repo": "https://github.com/kovidgoyal/calibre", "vendor": "Calibre", "versions": [{"status": "affected", "version": "7.15.0"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Devesh Logendran of STAR Labs SG Pte. Ltd. (@starlabs_sg)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": " Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database."}], "value": "Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database."}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b1571b85-cbc9-431f-830b-0c8155323a69", "shortName": "STAR_Labs", "dateUpdated": "2024-08-06T03:40:33.075Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://starlabs.sg/advisories/24/24-7009/"}, {"tags": ["patch"], "url": "https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7"}], "source": {"discovery": "UNKNOWN"}, "title": "Calibre SQL Injection", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "kovidgoyal", "product": "calibre", "cpes": ["cpe:2.3:a:kovidgoyal:calibre:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "7.15.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-06T13:15:35.411350Z", "id": "CVE-2024-7009", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T13:37:59.031Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7009", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-06T13:15:35.411350Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:kovidgoyal:calibre:*:*:*:*:*:*:*:*"], "vendor": "kovidgoyal", "product": "calibre", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "7.15.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T13:37:48.715Z"}}], "cna": {"title": "Calibre SQL Injection", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Devesh Logendran of STAR Labs SG Pte. Ltd. (@starlabs_sg)"}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/kovidgoyal/calibre", "vendor": "Calibre", "product": "Calibre", "versions": [{"status": "affected", "version": "7.15.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://starlabs.sg/advisories/24/24-7009/", "tags": ["third-party-advisory"]}, {"url": "https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.", "supportingMedia": [{"type": "text/html", "value": " Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "b1571b85-cbc9-431f-830b-0c8155323a69", "shortName": "STAR_Labs", "dateUpdated": "2024-08-06T03:40:33.075Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7009", "state": "PUBLISHED", "dateUpdated": "2024-08-06T13:37:59.031Z", "dateReserved": "2024-07-23T03:50:21.540Z", "assignerOrgId": "b1571b85-cbc9-431f-830b-0c8155323a69", "datePublished": "2024-08-06T03:40:33.075Z", "assignerShortName": "STAR_Labs"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF8FB6FA-434C-4488-8DD0-34F59D962183", "versionEndIncluding": "7.15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database."}, {"lang": "es", "value": "La entrada de usuario no sanitizada en Calibre <= 7.15.0 permite a los usuarios con permisos realizar b\u00fasquedas de texto completo para lograr la inyecci\u00f3n SQL en la base de datos SQLite."}], "id": "CVE-2024-7009", "lastModified": "2024-08-19T17:18:50.290", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "info@starlabs.sg", "type": "Secondary"}]}, "published": "2024-08-06T04:16:47.040", "references": [{"source": "info@starlabs.sg", "tags": ["Patch"], "url": "https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7"}, {"source": "info@starlabs.sg", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://starlabs.sg/advisories/24/24-7009/"}], "sourceIdentifier": "info@starlabs.sg", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "info@starlabs.sg", "type": "Secondary"}]}