by using APIs in the specified Component, e.g. through a web service. The vulnerability cannot be exploited through the application deployment mechanism. Note: This component requires database / LDAP access. This component requires database / LDAP access. End users with access to LDAP directories on their network may be at risk. How likely is it that you are affected? End users/customers with a critical/high risk profile likely to be affected. What happened? When Graal is running in a cluster, a vulnerability has been found in the Java code that creates and manages the database connection pool. An attacker could exploit this vulnerability to create and manage a database connection that has a privileged connection, which allows the attacker to gain elevated privileges.
Vulnerability details
The vulnerability allows the attacker to create and manage a database connection that has a privileged connection, which allows the attacker to gain elevated privileges.
Graal provides an API for creating and managing database connection pools. This vulnerability is found in the Java code that creates and manages the database connection pool. An attacker could exploit this vulnerability to create and manage a database connection that has a privileged connection, which allows the attacker to gain elevated privileges.
Vulnerable code example package com.sun.jndi; import java.sql.Connection; import java.util.Properties; public class ConnectionPools { private static final String CONNECTION_POOL_NAME = "java:jdbc/GraalTest"; protected ConnectionPool connectionPool; public ConnectionPool getConnection() throws SQLException { Connection conn = null; try { conn = connectionPool.getConnection(); } catch (SQLException e) {} return conn; } // ... public void setAutoReconnect(boolean autoReconnect) { this.autoReconnect = autoReconnect ? true : false; } // ...
Vulnerability Details
The vulnerability allows an attacker who has access to the LDAP directory on a network to create and manage a database connection that has privileged privileges. If the attacker is able to exploit this vulnerability, they could create and manage a database connection that has privileged privileges.
Timeline
Published on: 04/19/2022 21:15:00 UTC
Last modified on: 07/28/2022 17:00:00 UTC
References
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://security.netapp.com/advisory/ntap-20220429-0006/
- https://www.debian.org/security/2022/dsa-5128
- https://www.debian.org/security/2022/dsa-5131
- https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21426