CVE-2013-4662 - OpenCVE

The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the "second layer" of the API, related to contact.getquick.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Civicrm	Civicrm

Configuration 1 [-]

OR	cpe:2.3:a:civicrm:civicrm:4.2.0:::::::*
	cpe:2.3:a:civicrm:civicrm:4.2.1:::::::*
	cpe:2.3:a:civicrm:civicrm:4.2.2:::::::*
	cpe:2.3:a:civicrm:civicrm:4.2.4:::::::*
	cpe:2.3:a:civicrm:civicrm:4.2.5:::::::*
	cpe:2.3:a:civicrm:civicrm:4.2.6:::::::*
	cpe:2.3:a:civicrm:civicrm:4.2.7:::::::*
	cpe:2.3:a:civicrm:civicrm:4.2.8:::::::*
	cpe:2.3:a:civicrm:civicrm:4.2.9:::::::*
	cpe:2.3:a:civicrm:civicrm:4.3.0:::::::*
	cpe:2.3:a:civicrm:civicrm:4.3.1:::::::*
	cpe:2.3:a:civicrm:civicrm:4.3.2:::::::*
	cpe:2.3:a:civicrm:civicrm:4.3.3:::::::*

References

Link	Resource
http://issues.civicrm.org/jira/browse/CRM-12765	Vendor Advisory
https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2014-01-29T18:00:00

Updated: 2014-01-29T17:57:00

Reserved: 2013-06-24T00:00:00

Link: CVE-2013-4662

JSON object: View

NVD Information

Status : Analyzed

Published: 2014-01-29T18:55:26.637

Modified: 2014-02-21T19:29:06.233

Link: CVE-2013-4662

JSON object: View

Redhat Information

No data.

CWE

CWE-89

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-06-10T00:00:00", "descriptions": [{"lang": "en", "value": "The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the \"second layer\" of the API, related to contact.getquick."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-29T17:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://issues.civicrm.org/jira/browse/CRM-12765"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-4662", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the \"second layer\" of the API, related to contact.getquick."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api", "refsource": "CONFIRM", "url": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api"}, {"name": "http://issues.civicrm.org/jira/browse/CRM-12765", "refsource": "CONFIRM", "url": "http://issues.civicrm.org/jira/browse/CRM-12765"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-4662", "datePublished": "2014-01-29T18:00:00", "dateReserved": "2013-06-24T00:00:00", "dateUpdated": "2014-01-29T17:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C8CBF12E-640F-4752-8F52-B5B3D4015FC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A22C3AE-2E98-465C-B24C-725BEB99E943", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "21DDDCA1-78A1-4FFB-B180-7D0D20FE4FDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "8C5B0394-3C38-454F-BF55-82AADCDEBE9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "4F3D157E-9132-4EA9-A395-6E46C4C3C032", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "33E5813B-160F-48B2-91B2-4599048028A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "CC6A767A-D530-479B-9E3B-6FB49FD0B8FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "8D80D5F9-B4D9-41C9-B157-3FE31B54EDBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "1647D812-6174-4613-B57B-8BEF5C3877C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "074C6767-AC29-4A80-8A51-16DD69BFEAA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "FE6A4EB0-3143-41AF-B4CF-26C736BEF2A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B8BBCB1-99D0-4634-BAD6-495B9D040A4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:civicrm:civicrm:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "ECC01A92-9252-4184-B11A-39D077E761C5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the \"second layer\" of the API, related to contact.getquick."}, {"lang": "es", "value": "Quick Search API en CiviCRM 4.2.0 hasta la versi\u00f3n 4.2.9 y 4.3.0 hasta 4.3.3 permite a usuarios remotos autenticados evadir la capa de validaci\u00f3n y llevar a cabo ataques de inyecciones de SQL a trav\u00e9s de peticiones directas hacia una \"segunda capa\" de la API, relacionada con contact.getquick."}], "id": "CVE-2013-4662", "lastModified": "2014-02-21T19:29:06.233", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-29T18:55:26.637", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://issues.civicrm.org/jira/browse/CRM-12765"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://civicrm.org/advisory/civi-sa-2013-004-limited-sql-injection-quick-search-api"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}