cvelistv5 - cve-2024-22261

CVE-2024-22261 (GCVE-0-2024-22261)

Vulnerability from cvelistv5

Published

2024-06-10 23:25

Modified

2024-08-01 22:43

Severity ?

2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-566

Summary

SQL-Injection in Harbor allows priviledge users to leak the task IDs

References

►

URL

Tags

	security@vmware.com	https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j	Vendor Advisory

Impacted products

	Vendor	Product	Version
	Harbor	Harbor	Version: 2.8.1 < Version: 2.9.0 < Version: 2.10.0 <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22261",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-12T19:29:24.478745Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T20:26:08.086Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:43:34.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "Harbor",
          "product": "Harbor",
          "repo": "https://github.com/goharbor",
          "vendor": "Harbor",
          "versions": [
            {
              "lessThanOrEqual": "2.8.5",
              "status": "affected",
              "version": "2.8.1",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "2.9.3",
              "status": "affected",
              "version": "2.9.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "2.10.1",
              "status": "affected",
              "version": "2.10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eSQL-Injection in Harbor allows priviledge users to leak the task IDs\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "SQL-Injection in Harbor allows priviledge users to leak the task IDs"
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-566",
              "description": "CWE-566",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-10T23:25:32.158Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "SQL Injection in Harbor scan log API",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-22261",
    "datePublished": "2024-06-10T23:25:32.158Z",
    "dateReserved": "2024-01-08T18:43:17.077Z",
    "dateUpdated": "2024-08-01T22:43:34.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-22261\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-06-11T00:15:13.790\",\"lastModified\":\"2025-02-27T15:14:51.320\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SQL-Injection in Harbor allows priviledge users to leak the task IDs\"},{\"lang\":\"es\",\"value\":\"La inyecci\u00f3n SQL en Harbour permite a los usuarios con privilegios filtrar los ID de las tareas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":2.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-566\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.8.1\",\"versionEndExcluding\":\"2.8.6\",\"matchCriteriaId\":\"2A5F0D1B-6415-4FCE-B1A1-B063C291AD24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.9.0\",\"versionEndExcluding\":\"2.9.4\",\"matchCriteriaId\":\"50F4F7A5-1A16-4BAD-9890-DA65E0CC9638\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.10.0\",\"versionEndExcluding\":\"2.10.2\",\"matchCriteriaId\":\"429DE716-B324-4AB0-B423-BE27288E33BB\"}]}]}],\"references\":[{\"url\":\"https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:43:34.096Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-22261\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-12T19:29:24.478745Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-12T19:29:28.852Z\"}}], \"cna\": {\"title\": \"SQL Injection in Harbor scan log API\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"data\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 2.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/goharbor\", \"vendor\": \"Harbor\", \"product\": \"Harbor\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.8.1\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.8.5\"}, {\"status\": \"affected\", \"version\": \"2.9.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.9.3\"}, {\"status\": \"affected\", \"version\": \"2.10.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.10.1\"}], \"packageName\": \"Harbor\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"SQL-Injection in Harbor allows priviledge users to leak the task IDs\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003eSQL-Injection in Harbor allows priviledge users to leak the task IDs\u003cbr\u003e\u003c/div\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-566\", \"description\": \"CWE-566\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-06-10T23:25:32.158Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-22261\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T22:43:34.096Z\", \"dateReserved\": \"2024-01-08T18:43:17.077Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-06-10T23:25:32.158Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ghsa-vw63-824v-qf2j

Vulnerability from github

Published

2024-06-02 22:32

Modified

2024-06-17 15:14

Severity ?

2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Summary

SQL Injection in Harbor scan log API

Details

Impact

A user with an administrator, project_admin, or project_maintainer role could utilize and exploit SQL Injection to allow the execution of any Postgres function or the extraction of sensitive information from the database through this API: GET /api/v2.0/projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/scan/{report_id}/log The SQL injection might happen in the code:

https://github.com/goharbor/harbor/blob/9b7c1a2274fbc5ea16e19a484532f86c08926577/src/pkg/task/task.go#L241

Because raw SQL executed in ormer.Raw(Sql).QueryRows() is PrepareStatement. In the driver of Postgres, one PrepareStatement must contain only ONE SQL command, see https://www.postgresql.org/docs/15/libpq-exec.html#LIBPQ-PQPREPARE. The SQL should start with: SELECT * FROM task WHERE extra_attrs::jsonb->'report_uuids' @> Adding a delete/update operation by appending malicious content to the current SQL is impossible. Furthermore, the query result of the task is just an intermediate result, the task ID is used to locate the job log file, and the response only contains the content of the job log file. so this vulnerability can be used to execute SQL functions, but it can't leak any useful information to the response.

Harbor >=v2.8.1, >=2.9.0, >=2.10.0 are impacted.

Patches

Harbor v2.8.6, v2.9.4, v2.10.2 fixes this issue.

Workarounds

There is no workaround for this issue.

Credits

Thanks Taisei Inoue (taisei.inoue@gmo-cybersecurity.com)

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/goharbor/harbor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/goharbor/harbor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/goharbor/harbor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.10.0"
            },
            {
              "fixed": "2.10.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-22261"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-566"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-02T22:32:40Z",
    "nvd_published_at": "2024-06-11T00:15:13Z",
    "severity": "LOW"
  },
  "details": "### Impact\n\nA user with an administrator, project_admin, or project_maintainer role could utilize and exploit SQL Injection to allow the execution of any Postgres function or the extraction of sensitive information from the database through this API:\n```\nGET /api/v2.0/projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/scan/{report_id}/log\n```\nThe SQL injection might happen in the code: \n\nhttps://github.com/goharbor/harbor/blob/9b7c1a2274fbc5ea16e19a484532f86c08926577/src/pkg/task/task.go#L241\n\nBecause raw SQL executed in ormer.Raw(Sql).QueryRows() is PrepareStatement. In the driver of Postgres, one PrepareStatement must contain only ONE SQL command, see https://www.postgresql.org/docs/15/libpq-exec.html#LIBPQ-PQPREPARE.  The SQL should start with:\n```\nSELECT * FROM task WHERE extra_attrs::jsonb-\u003e\u0027report_uuids\u0027 @\u003e\n```\nAdding a delete/update operation by appending malicious content to the current SQL is impossible. Furthermore, the query result of the task is just an intermediate result, the task ID is used to locate the job log file, and the response only contains the content of the job log file. so this vulnerability can be used to execute SQL functions, but it can\u0027t leak any useful information to the response.\n\nHarbor \u003e=v2.8.1, \u003e=2.9.0, \u003e=2.10.0 are impacted.\n\n### Patches\nHarbor v2.8.6, v2.9.4, v2.10.2 fixes this issue.\n\n### Workarounds\nThere is no workaround for this issue.\n\n### Credits\n\nThanks Taisei Inoue ([taisei.inoue@gmo-cybersecurity.com](mailto:taisei.inoue@gmo-cybersecurity.com))",
  "id": "GHSA-vw63-824v-qf2j",
  "modified": "2024-06-17T15:14:41Z",
  "published": "2024-06-02T22:32:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22261"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/goharbor/harbor"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2024-2916"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "SQL Injection in Harbor scan log API"
}

wid-sec-w-2024-1263

Vulnerability from csaf_certbund

Published

2024-05-30 22:00

Modified

2024-05-30 22:00

Summary

Harbor: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Harbor ist eine Registry, die die Docker Distribution erweitert, um Artefakte mit Richtlinien und rollenbasierter Zugriffskontrolle zu sichern.

Angriff

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Harbor ausnutzen, um Informationen offenzulegen und um URLs zu manipulieren.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Harbor ist eine Registry, die die Docker Distribution erweitert, um Artefakte mit Richtlinien und rollenbasierter Zugriffskontrolle zu sichern.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Harbor ausnutzen, um Informationen offenzulegen und um URLs zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1263 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1263.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1263 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1263"
      },
      {
        "category": "external",
        "summary": "GitHub Security Database vom 2024-05-30",
        "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j"
      },
      {
        "category": "external",
        "summary": "GitHub Security Database vom 2024-05-30",
        "url": "http://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7"
      }
    ],
    "source_lang": "en-US",
    "title": "Harbor: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-05-30T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:09:42.852+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1263",
      "initial_release_date": "2024-05-30T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cv2.8.6",
                "product": {
                  "name": "Open Source Harbor \u003cv2.8.6",
                  "product_id": "T035120"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.9.4",
                "product": {
                  "name": "Open Source Harbor \u003cv2.9.4",
                  "product_id": "T035121"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.10.2",
                "product": {
                  "name": "Open Source Harbor \u003cv2.10.2",
                  "product_id": "T035122"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.9.3",
                "product": {
                  "name": "Open Source Harbor \u003cv2.9.3",
                  "product_id": "T035124"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.10.1",
                "product": {
                  "name": "Open Source Harbor \u003cv2.10.1",
                  "product_id": "T035125"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.8.5",
                "product": {
                  "name": "Open Source Harbor \u003cv2.8.5",
                  "product_id": "T035126"
                }
              }
            ],
            "category": "product_name",
            "name": "Harbor"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-22261",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Harbor, die auf eine unzureichende Validierung und Bereinigung von Benutzereingaben zur\u00fcckzuf\u00fchren ist, was zu SQL-Injection f\u00fchrt. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2024-05-30T22:00:00.000+00:00",
      "title": "CVE-2024-22261"
    },
    {
      "cve": "CVE-2024-22244",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Harbor, die auf eine unzureichende URL-Validierung w\u00e4hrend der OIDC-Authentifizierung zur\u00fcckzuf\u00fchren ist und einen Open-Redirect-Angriff erm\u00f6glicht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er b\u00f6sartige URLs erstellt, die Benutzer auf Phishing- oder b\u00f6sartige Websites umleiten."
        }
      ],
      "release_date": "2024-05-30T22:00:00.000+00:00",
      "title": "CVE-2024-22244"
    }
  ]
}

fkie_cve-2024-22261

Vulnerability from fkie_nvd

Published

2024-06-11 00:15

Modified

2025-02-27 15:14

Severity ?

2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N

Summary

SQL-Injection in Harbor allows priviledge users to leak the task IDs

References

▶	URL	Tags
	security@vmware.com	https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j	Vendor Advisory

Impacted products

Vendor	Product	Version
linuxfoundation	harbor	*
linuxfoundation	harbor	*
linuxfoundation	harbor	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5F0D1B-6415-4FCE-B1A1-B063C291AD24",
              "versionEndExcluding": "2.8.6",
              "versionStartIncluding": "2.8.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "50F4F7A5-1A16-4BAD-9890-DA65E0CC9638",
              "versionEndExcluding": "2.9.4",
              "versionStartIncluding": "2.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "429DE716-B324-4AB0-B423-BE27288E33BB",
              "versionEndExcluding": "2.10.2",
              "versionStartIncluding": "2.10.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL-Injection in Harbor allows priviledge users to leak the task IDs"
    },
    {
      "lang": "es",
      "value": "La inyecci\u00f3n SQL en Harbour permite a los usuarios con privilegios filtrar los ID de las tareas"
    }
  ],
  "id": "CVE-2024-22261",
  "lastModified": "2025-02-27T15:14:51.320",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 2.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 1.4,
        "source": "security@vmware.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-06-11T00:15:13.790",
  "references": [
    {
      "source": "security@vmware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j"
    }
  ],
  "sourceIdentifier": "security@vmware.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-566"
        }
      ],
      "source": "security@vmware.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2024-22261

Vulnerability from gsd

Modified

2024-01-09 06:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-22261

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-22261"
      ],
      "id": "GSD-2024-22261",
      "modified": "2024-01-09T06:02:15.333772Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-22261",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-22261 (GCVE-0-2024-22261)

Vulnerability from cvelistv5

ghsa-vw63-824v-qf2j

Vulnerability from github

Impact

Patches

Workarounds

Credits

wid-sec-w-2024-1263

Vulnerability from csaf_certbund

fkie_cve-2024-22261

Vulnerability from fkie_nvd

gsd-2024-22261

Vulnerability from gsd

Tags

Sightings

Nomenclature