{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-24697", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "dateUpdated": "2024-08-03T04:20:49.956Z", "dateReserved": "2022-02-09T00:00:00", "datePublished": "2022-10-13T00:00:00"}, "containers": {"cna": {"title": "Apache Kylin prior to 4.0.2 allows command injection when the configuration overwrites function overwrites system parameters", "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2022-12-30T00:00:00"}, "descriptions": [{"lang": "en", "value": "Kylin's cube designer function has a command injection vulnerability when overwriting system parameters in the configuration overwrites menu. RCE can be implemented by closing the single quotation marks around the parameter value of \u201c-- conf=\u201d to inject any operating system command into the command line parameters. This vulnerability affects Kylin 2 version 2.6.5 and earlier, Kylin 3 version 3.1.2 and earlier, and Kylin 4 version 4.0.1 and earlier."}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Kylin", "versions": [{"version": "Apache Kylin 2", "status": "affected", "lessThan": "2.6.6", "versionType": "custom"}, {"version": "Apache Kylin 3", "status": "affected", "lessThanOrEqual": "3.1.2", "versionType": "custom"}, {"version": "Apache Kylin 4", "status": "affected", "lessThanOrEqual": "4.0.1", "versionType": "custom"}]}], "references": [{"url": "https://lists.apache.org/thread/07mnn9c7o314wrhrwjr10w9j5s82voj4"}, {"name": "[oss-security] 20221230 CVE-2022-43396: Apache Kylin: Command injection by Useless configuration", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/12/30/1"}], "credits": [{"lang": "en", "value": "Kylin Team would like to thanks Kai Zhao of ToTU Secruity Team."}], "metrics": [{"other": {"type": "unknown", "content": {"other": "important"}}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Command injection"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "UNKNOWN"}, "workarounds": [{"lang": "en", "value": "Users of Kylin 2.x & Kylin 3.x & 4.x should upgrade to 4.0.2 or apply patch https://github.com/apache/kylin/pull/1811 ."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:49.956Z"}, "title": "CVE Program Container", "references": [{"url": "https://lists.apache.org/thread/07mnn9c7o314wrhrwjr10w9j5s82voj4", "tags": ["x_transferred"]}, {"name": "[oss-security] 20221230 CVE-2022-43396: Apache Kylin: Command injection by Useless configuration", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/12/30/1"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6B74CB6-F87D-4447-B14C-A670119EE2CB", "versionEndExcluding": "2.6.6", "versionStartIncluding": "2.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E3780DD-1577-4A26-91B0-7A8687D257CD", "versionEndIncluding": "3.1.2", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:*", "matchCriteriaId": "122C33FB-877C-4C73-8298-15B500FBB1DA", "versionEndIncluding": "4.0.1", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Kylin's cube designer function has a command injection vulnerability when overwriting system parameters in the configuration overwrites menu. RCE can be implemented by closing the single quotation marks around the parameter value of \u201c-- conf=\u201d to inject any operating system command into the command line parameters. This vulnerability affects Kylin 2 version 2.6.5 and earlier, Kylin 3 version 3.1.2 and earlier, and Kylin 4 version 4.0.1 and earlier."}, {"lang": "es", "value": "La funci\u00f3n cube designer de Kylin presenta una vulnerabilidad de inyecci\u00f3n de comandos cuando son sobrescritos los par\u00e1metros del sistema en el men\u00fa de sobreescritura de la configuraci\u00f3n. Un RCE puede ser implementado cerrando las comillas simples alrededor del valor del par\u00e1metro \"conf\" para inyectar cualquier comando del sistema operativo en los par\u00e1metros de la l\u00ednea de comandos. Esta vulnerabilidad afecta a Kylin 2 versiones 2.6.5 y anteriores, Kylin 3 versiones 3.1.2 y anteriores, y Kylin 4 versiones 4.0.1 y anteriores"}], "id": "CVE-2022-24697", "lastModified": "2024-11-21T06:50:54.173", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-13T13:15:09.900", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/12/30/1"}, {"source": "security@apache.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://lists.apache.org/thread/07mnn9c7o314wrhrwjr10w9j5s82voj4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/12/30/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://lists.apache.org/thread/07mnn9c7o314wrhrwjr10w9j5s82voj4"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}