SQL Injection in ModSecurity TailWatch log file - #VU43


Published: June 28, 2016


Vulnerability identifier: #VU43
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-89
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor:
Affected software:

Detailed vulnerability description

The vulnerability allows a remote attacker to inject and execute arbitrary SQL queries in the database.

The vulnerability exists due to insufficient sanitization of entries in the ModSecurity TailWatch log file before they are inserted into the MySQL database. A remote attacker can craft log entries containing SQL syntax and then trick a cPanel user into importing the malicious log into the MySQL database, so that the injected SQL is executed. No privileges are required on the attacker's side; the victim's import action is the required user interaction (CVSS UI:A, PR:N).

Successful exploitation of this vulnerability may allow an attacker to gain complete control over the application.
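The following is an added illustration of the flaw class described above (CWE-89 in a log importer), not cPanel's code and not taken from the advisory. It assumes a simplified pipe-delimited log format, a hypothetical table name `modsec_events`, and uses an in-memory SQLite database in place of MySQL; the sample log lines are constructed. The vulnerable importer interpolates log fields straight into the INSERT, so a request URI that an attacker caused ModSecurity to log becomes SQL when the file is imported. The hardened importer binds the same fields as parameters, so the payload is stored as data.

```python
import sqlite3

# Constructed sample lines (not from the page or from cPanel) in a simplified
# pipe-delimited form: timestamp|client_ip|request_uri|http_status. The request
# URI is attacker-controlled: ModSecurity logs whatever the client sent.
BENIGN_LINE = "2016-06-28 10:00:00|203.0.113.5|/index.php?id=1|403"
INJECTED_LINE = (
    "2016-06-28 10:00:01|203.0.113.5|"
    "/index.php', '403'); UPDATE modsec_events SET status='200'; --|403"
)

# Hypothetical table used by the importer (assumption, not cPanel's schema).
SCHEMA = "CREATE TABLE modsec_events (ts TEXT, ip TEXT, uri TEXT, status TEXT)"


def parse_line(line):
    """Split one log line into its four fields (uri may contain anything)."""
    ts, ip, uri, status = line.rstrip("\n").split("|", 3)
    return ts, ip, uri, status


def import_vulnerable(conn, lines):
    """Importer that builds SQL by string interpolation (the CWE-89 pattern).

    executescript() is used because the importer is assumed to hand the whole
    statement text to the database, where stacked statements are executed.
    """
    for line in lines:
        ts, ip, uri, status = parse_line(line)
        sql = ("INSERT INTO modsec_events (ts, ip, uri, status) "
               "VALUES ('%s', '%s', '%s', '%s');" % (ts, ip, uri, status))
        conn.executescript(sql)


def import_hardened(conn, lines):
    """Same import with bound parameters: field contents can never become SQL."""
    for line in lines:
        conn.execute(
            "INSERT INTO modsec_events (ts, ip, uri, status) VALUES (?, ?, ?, ?)",
            parse_line(line))
    conn.commit()


def run(importer):
    """Run one importer over the sample lines and return (uri, status) rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    importer(conn, [BENIGN_LINE, INJECTED_LINE])
    rows = conn.execute(
        "SELECT uri, status FROM modsec_events ORDER BY ts").fetchall()
    conn.close()
    return rows


if __name__ == "__main__":
    # Vulnerable path: the injected UPDATE rewrites every row's status to 200,
    # i.e. the attacker tampers with the blocked-request record of all entries.
    print("vulnerable:", run(import_vulnerable))
    # Hardened path: the payload is stored verbatim in the uri column.
    print("hardened: ", run(import_hardened))
```

The check a reviewer would want on a real importer is the second function's shape: every value that originates in the log file reaches the database only as a bound parameter, and the importer never executes a statement it assembled from log text.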


Remediation

Update to the fixed release for your branch: 11.56.0.15, 11.54.0.24, 11.52.6.1 or 11.50.6.2.

Sources