CVE-2024-7009 - Vulnerability Details - OpenCVE

Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00259.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Calibre-ebook	Calibre
Kovidgoyal	Calibre

Configuration 1 [-]

cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*

No data.

No data.

References

Link	Providers
https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7
https://starlabs.sg/advisories/24/24-7009/

History

Mon, 19 Aug 2024 17:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Calibre-ebook Calibre-ebook calibre
CPEs		cpe:2.3:a:calibre-ebook:calibre::::::::
Vendors & Products		Calibre-ebook Calibre-ebook calibre

MITRE

Status: PUBLISHED

Assigner: STAR_Labs

Published: 2024-08-06T03:40:33.075Z

Updated: 2024-08-06T13:37:59.031Z

Reserved: 2024-07-23T03:50:21.540Z

Link: CVE-2024-7009

Vulnrichment

Updated: 2024-08-06T13:37:48.715Z

NVD

Status : Analyzed

Published: 2024-08-06T04:16:47.040

Modified: 2024-08-19T17:18:50.290

Link: CVE-2024-7009

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7009", "assignerOrgId": "b1571b85-cbc9-431f-830b-0c8155323a69", "state": "PUBLISHED", "assignerShortName": "STAR_Labs", "dateReserved": "2024-07-23T03:50:21.540Z", "datePublished": "2024-08-06T03:40:33.075Z", "dateUpdated": "2024-08-06T13:37:59.031Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Calibre", "repo": "https://github.com/kovidgoyal/calibre", "vendor": "Calibre", "versions": [{"status": "affected", "version": "7.15.0"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Devesh Logendran of STAR Labs SG Pte. Ltd. (@starlabs_sg)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": " Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database."}], "value": "Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database."}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b1571b85-cbc9-431f-830b-0c8155323a69", "shortName": "STAR_Labs", "dateUpdated": "2024-08-06T03:40:33.075Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://starlabs.sg/advisories/24/24-7009/"}, {"tags": ["patch"], "url": "https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7"}], "source": {"discovery": "UNKNOWN"}, "title": "Calibre SQL Injection", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "kovidgoyal", "product": "calibre", "cpes": ["cpe:2.3:a:kovidgoyal:calibre:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "7.15.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-06T13:15:35.411350Z", "id": "CVE-2024-7009", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T13:37:59.031Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7009", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-06T13:15:35.411350Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:kovidgoyal:calibre:*:*:*:*:*:*:*:*"], "vendor": "kovidgoyal", "product": "calibre", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "7.15.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T13:37:48.715Z"}}], "cna": {"title": "Calibre SQL Injection", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Devesh Logendran of STAR Labs SG Pte. Ltd. (@starlabs_sg)"}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/kovidgoyal/calibre", "vendor": "Calibre", "product": "Calibre", "versions": [{"status": "affected", "version": "7.15.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://starlabs.sg/advisories/24/24-7009/", "tags": ["third-party-advisory"]}, {"url": "https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.", "supportingMedia": [{"type": "text/html", "value": " Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "b1571b85-cbc9-431f-830b-0c8155323a69", "shortName": "STAR_Labs", "dateUpdated": "2024-08-06T03:40:33.075Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7009", "state": "PUBLISHED", "dateUpdated": "2024-08-06T13:37:59.031Z", "dateReserved": "2024-07-23T03:50:21.540Z", "assignerOrgId": "b1571b85-cbc9-431f-830b-0c8155323a69", "datePublished": "2024-08-06T03:40:33.075Z", "assignerShortName": "STAR_Labs"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF8FB6FA-434C-4488-8DD0-34F59D962183", "versionEndIncluding": "7.15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database."}, {"lang": "es", "value": "La entrada de usuario no sanitizada en Calibre <= 7.15.0 permite a los usuarios con permisos realizar b\u00fasquedas de texto completo para lograr la inyecci\u00f3n SQL en la base de datos SQLite."}], "id": "CVE-2024-7009", "lastModified": "2024-08-19T17:18:50.290", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "info@starlabs.sg", "type": "Secondary"}]}, "published": "2024-08-06T04:16:47.040", "references": [{"source": "info@starlabs.sg", "tags": ["Patch"], "url": "https://github.com/kovidgoyal/calibre/commit/d56574285e8859d3d715eb7829784ee74337b7d7"}, {"source": "info@starlabs.sg", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://starlabs.sg/advisories/24/24-7009/"}], "sourceIdentifier": "info@starlabs.sg", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "info@starlabs.sg", "type": "Secondary"}]}