Description

OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.

Remediation

References

https://github.com/orientechnologies/orientdb/wiki/OrientDB-2.2-Release-Notes#2223---july-11-2017

http://www.heavensec.org/?p=1703

Related Vulnerabilities

CVE-2018-8014 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

CVE-2019-10371 Vulnerability in maven package org.jenkins-ci.plugins:gitlab-oauth

CVE-2022-40764 Vulnerability in npm package snyk

CVE-2023-40345 Vulnerability in maven package org.jenkins-ci.plugins:delphix

CVE-2022-25848 Vulnerability in npm package static-dev-server

Severity

Critical

Classification

CWE-269 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Third Party Advisory Exploit URL Repurposed