{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7099", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-07-25T09:33:45.994Z", "datePublished": "2024-10-13T21:09:53.816Z", "dateUpdated": "2024-10-15T14:56:00.675Z"}, "containers": {"cna": {"title": "SQL Injection in netease-youdao/qanything", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-10-13T21:09:53.816Z"}, "descriptions": [{"lang": "en", "value": "netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from user input is concatenated in SQL queries, leading to SQL injection. The affected functions include `get_knowledge_base_name`, `from_status_to_status`, `delete_files`, and `get_file_by_status`. An attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially stealing information from the database. The issue is fixed in version 1.4.2."}], "affected": [{"vendor": "netease-youdao", "product": "netease-youdao/qanything", "versions": [{"version": "unspecified", "lessThan": "1.4.2", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/bc98983e-06cc-4a4b-be01-67e5010cb2c1"}, {"url": "https://github.com/netease-youdao/qanything/commit/a87354f09d93e95350fb45eb343dc75454387554"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command", "cweId": "CWE-89"}]}], "source": {"advisory": "bc98983e-06cc-4a4b-be01-67e5010cb2c1", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "netease", "product": "qanything", "cpes": ["cpe:2.3:a:netease:qanything:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.4.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-14T15:32:53.357493Z", "id": "CVE-2024-7099", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T14:56:00.675Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7099", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-14T15:32:53.357493Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:netease:qanything:*:*:*:*:*:*:*:*"], "vendor": "netease", "product": "qanything", "versions": [{"status": "affected", "version": "0", "lessThan": "1.4.2", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T14:55:48.911Z"}}], "cna": {"title": "SQL Injection in netease-youdao/qanything", "source": {"advisory": "bc98983e-06cc-4a4b-be01-67e5010cb2c1", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "netease-youdao", "product": "netease-youdao/qanything", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "1.4.2", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/bc98983e-06cc-4a4b-be01-67e5010cb2c1"}, {"url": "https://github.com/netease-youdao/qanything/commit/a87354f09d93e95350fb45eb343dc75454387554"}], "descriptions": [{"lang": "en", "value": "netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from user input is concatenated in SQL queries, leading to SQL injection. The affected functions include `get_knowledge_base_name`, `from_status_to_status`, `delete_files`, and `get_file_by_status`. An attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially stealing information from the database. The issue is fixed in version 1.4.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-10-13T21:09:53.816Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7099", "state": "PUBLISHED", "dateUpdated": "2024-10-15T14:56:00.675Z", "dateReserved": "2024-07-25T09:33:45.994Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-10-13T21:09:53.816Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from user input is concatenated in SQL queries, leading to SQL injection. The affected functions include `get_knowledge_base_name`, `from_status_to_status`, `delete_files`, and `get_file_by_status`. An attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially stealing information from the database. The issue is fixed in version 1.4.2."}, {"lang": "es", "value": "La versi\u00f3n 1.4.1 de netease-youdao/qanything contiene una vulnerabilidad en la que los datos no seguros obtenidos de la entrada del usuario se concatenan en consultas SQL, lo que provoca una inyecci\u00f3n SQL. Las funciones afectadas incluyen `get_knowledge_base_name`, `from_status_to_status`, `delete_files` y `get_file_by_status`. Un atacante puede aprovechar esta vulnerabilidad para ejecutar consultas SQL arbitrarias, lo que podr\u00eda robar informaci\u00f3n de la base de datos. El problema se solucion\u00f3 en la versi\u00f3n 1.4.2."}], "id": "CVE-2024-7099", "lastModified": "2024-10-15T12:57:46.880", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2024-10-13T21:15:10.957", "references": [{"source": "security@huntr.dev", "url": "https://github.com/netease-youdao/qanything/commit/a87354f09d93e95350fb45eb343dc75454387554"}, {"source": "security@huntr.dev", "url": "https://huntr.com/bounties/bc98983e-06cc-4a4b-be01-67e5010cb2c1"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@huntr.dev", "type": "Primary"}]}

{}