{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-45849", "assignerOrgId": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "state": "PUBLISHED", "assignerShortName": "HiddenLayer", "dateReserved": "2024-09-10T15:36:52.126Z", "datePublished": "2024-09-12T12:59:25.993Z", "dateUpdated": "2024-09-12T14:02:51.572Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "mindsdb", "repo": "https://github.com/mindsdb/mindsdb", "vendor": "mindsdb", "versions": [{"lessThan": "24.7.4.1", "status": "affected", "version": "23.10.5.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an \u2018INSERT\u2019 query can be used for list creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server."}], "value": "An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an \u2018INSERT\u2019 query can be used for list creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server."}], "impacts": [{"capecId": "CAPEC-35", "descriptions": [{"lang": "en", "value": "CAPEC-35 Leverage Executable Code in Non-Executable Files"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-95", "description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "shortName": "HiddenLayer", "dateUpdated": "2024-09-12T12:59:25.993Z"}, "references": [{"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "mindsdb", "product": "mindsdb", "cpes": ["cpe:2.3:a:mindsdb:mindsdb:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "23.10.5.0", "status": "affected", "lessThan": "24.7.4.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-12T14:01:54.454946Z", "id": "CVE-2024-45849", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T14:02:51.572Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-45849", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-12T14:01:54.454946Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:mindsdb:mindsdb:*:*:*:*:*:*:*:*"], "vendor": "mindsdb", "product": "mindsdb", "versions": [{"status": "affected", "version": "23.10.5.0", "lessThan": "24.7.4.1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T14:02:45.930Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-35", "descriptions": [{"lang": "en", "value": "CAPEC-35 Leverage Executable Code in Non-Executable Files"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/mindsdb/mindsdb", "vendor": "mindsdb", "product": "mindsdb", "versions": [{"status": "affected", "version": "23.10.5.0", "lessThan": "24.7.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an \u2018INSERT\u2019 query can be used for list creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server.", "supportingMedia": [{"type": "text/html", "value": "An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an \u2018INSERT\u2019 query can be used for list creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-95", "description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"}]}], "providerMetadata": {"orgId": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "shortName": "HiddenLayer", "dateUpdated": "2024-09-12T12:59:25.993Z"}}}, "cveMetadata": {"cveId": "CVE-2024-45849", "state": "PUBLISHED", "dateUpdated": "2024-09-12T14:02:51.572Z", "dateReserved": "2024-09-10T15:36:52.126Z", "assignerOrgId": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "datePublished": "2024-09-12T12:59:25.993Z", "assignerShortName": "HiddenLayer"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mindsdb:mindsdb:*:*:*:*:*:*:*:*", "matchCriteriaId": "0199760F-7B3D-4743-A07E-8829B1F88F25", "versionEndExcluding": "24.7.4.1", "versionStartIncluding": "23.10.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an \u2018INSERT\u2019 query can be used for list creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server."}, {"lang": "es", "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitrario en las versiones 23.10.5.0 a 24.7.4.1 de la plataforma MindsDB, cuando la integraci\u00f3n de Microsoft SharePoint est\u00e1 instalada en el servidor. En el caso de las bases de datos creadas con el motor de SharePoint, se puede utilizar una consulta \"INSERT\" para la creaci\u00f3n de listas. Si una consulta de este tipo est\u00e1 especialmente manipulada para contener c\u00f3digo Python y se ejecuta en la base de datos, el c\u00f3digo se pasar\u00e1 a una funci\u00f3n eval y se ejecutar\u00e1 en el servidor."}], "id": "CVE-2024-45849", "lastModified": "2024-09-16T17:34:00.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "type": "Secondary"}]}, "published": "2024-09-12T13:15:13.700", "references": [{"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "tags": ["Exploit", "Third Party Advisory"], "url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/"}], "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-95"}], "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "type": "Secondary"}]}

{}