CVE-2022-41208 An attacker with user privileges can alter a user's session.

To exploit the vulnerability, an attacker must be able to log in to the targeted application with user privileges. The update causes certain parameters of the SQL query to be filtered, preventing the injection of malicious code. Unfortunately, due to insufficient input validation, this filter can be bypassed. As a result, a malicious user can inject SQL code into the database, allowing the injection of code that allows the viewing or modification of information. In order to exploit the vulnerability, an attacker must be able to log in to the targeted application with user privileges. The update causes certain parameters of the SQL query to be filtered, preventing the injection of malicious code. Unfortunately, due to insufficient input validation, this filter can be bypassed. As a result, a malicious user can inject SQL code into the database, allowing the injection of code that allows the viewing or modification of information.

Vulnerable versions

The following versions are vulnerable to this issue:
- Windows Server 2003 Service Pack 2,
- Windows Vista,
- Windows 7,
- Windows Server 2008 R2,
- Windows 8,
- Windows Server 2012.

What is Apache TomEE?

Apache TomEE is a Java EE application server for enterprise applications. It is a fully managed, open source, and free to use enterprise application server with built-in clustering capabilities.
TomEE extends the functionality of the Java EE platform with clustered and high-availability features. For example, TomEE provides a web-based management console that allows administrators to quickly access deployment, monitoring, and diagnostics information across multiple nodes in the cluster.

Vulnerable code example

The following query will return all of the accounts with an older password less than 8 characters long.
SELECT * FROM Users WHERE Password_len

SQL Injection

SQL injection is a type of computer security vulnerability that occurs when an application that uses or displays untrusted data from a database incorrectly performs input validation on user input, allowing users to execute statements in SQL, which can be potentially destructive.

Timeline

Published on: 11/08/2022 22:15:00 UTC
Last modified on: 11/14/2022 20:15:00 UTC

References

• https://launchpad.support.sap.com/#/notes/3260708
• https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41208