Description

OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.

Remediation

References

http://www.heavensec.org/?p=1703

https://github.com/orientechnologies/orientdb/wiki/OrientDB-2.2-Release-Notes#2223---july-11-2017

Related Vulnerabilities

CVE-2022-38752 Vulnerability in maven package org.yaml:snakeyaml

CVE-2022-36887 Vulnerability in maven package org.jenkins-ci.plugins:jobconfighistory

CVE-2021-43307 Vulnerability in maven package org.webjars.npm:semver-regex

CVE-2021-22096 Vulnerability in maven package org.springframework:spring-core

CVE-2020-7760 Vulnerability in maven package org.webjars.bowergithub.codemirror:codemirror

Severity

Critical

Classification

CWE-269 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory URL Repurposed