CVE-2023-25813 - Vulnerability Details - OpenCVE

ReportizFlow

Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sequelizejs	Sequelize

Configuration 1 [-]

cpe:2.3:a:sequelizejs:sequelize:*:*:*:*:*:node.js:*:*

No data.

References

Link	Providers
https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b
https://github.com/sequelize/sequelize/issues/14519
https://github.com/sequelize/sequelize/releases/tag/v6.19.1
https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-02-22T18:14:44.579Z

Updated: 2024-08-02T11:32:12.360Z

Reserved: 2023-02-15T16:34:48.773Z

Link: CVE-2023-25813

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-22T19:15:11.777

Modified: 2024-11-21T07:50:15.077

Link: CVE-2023-25813

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-25813", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-02-15T16:34:48.773Z", "datePublished": "2023-02-22T18:14:44.579Z", "dateUpdated": "2024-08-02T11:32:12.360Z"}, "containers": {"cna": {"title": "SQL Injection via replacements in sequelize", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw"}, {"name": "https://github.com/sequelize/sequelize/issues/14519", "tags": ["x_refsource_MISC"], "url": "https://github.com/sequelize/sequelize/issues/14519"}, {"name": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b", "tags": ["x_refsource_MISC"], "url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b"}, {"name": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1"}], "affected": [{"vendor": "sequelize", "product": "sequelize", "versions": [{"version": "< 6.19.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-02-22T18:14:44.579Z"}, "descriptions": [{"lang": "en", "value": "Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query."}], "source": {"advisory": "GHSA-wrh9-cjv3-2hpw", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:32:12.360Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw"}, {"name": "https://github.com/sequelize/sequelize/issues/14519", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sequelize/sequelize/issues/14519"}, {"name": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b"}, {"name": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sequelizejs:sequelize:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "17071F43-EBB2-4A3C-ACD4-8914666046E8", "versionEndExcluding": "6.19.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query."}], "id": "CVE-2023-25813", "lastModified": "2024-11-21T07:50:15.077", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-02-22T19:15:11.777", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b"}, {"source": "[email protected]", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/sequelize/sequelize/issues/14519"}, {"source": "[email protected]", "tags": ["Release Notes"], "url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1"}, {"source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/sequelize/sequelize/issues/14519"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "[email protected]", "type": "Primary"}]}