CVE-2024-1597

{"id": "CVE-2024-1597", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-02-19T13:15:07.740", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/04/02/6", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56", "tags": ["Third Party Advisory"], "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00007.html", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/TZQTSMESZD2RJ5XBPSXH3TIQVUW5DIUU/", "tags": ["Mailing List", "Third Party Advisory"], "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "https://security.netapp.com/advisory/ntap-20240419-0008/", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "https://www.enterprisedb.com/docs/jdbc_connector/latest/01_jdbc_rel_notes/", "tags": ["Release Notes"], "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "https://www.enterprisedb.com/docs/security/assessments/cve-2024-1597/", "tags": ["Third Party Advisory"], "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/02/6", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00007.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00017.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/TZQTSMESZD2RJ5XBPSXH3TIQVUW5DIUU/", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20240419-0008/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.enterprisedb.com/docs/jdbc_connector/latest/01_jdbc_rel_notes/", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.enterprisedb.com/docs/security/assessments/cve-2024-1597/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.sonarsource.com/blog/double-dash-double-trouble-a-subtle-sql-injection-flaw/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected."}, {"lang": "es", "value": "pgjdbc, el controlador JDBC de PostgreSQL, permite al atacante inyectar SQL si usa PreferQueryMode=SIMPLE. Tenga en cuenta que este no es el valor predeterminado. En el modo predeterminado no hay vulnerabilidad. Un comod\u00edn para un valor num\u00e9rico debe ir precedido inmediatamente de un signo menos. Debe haber un segundo marcador de posici\u00f3n para un valor de cadena despu\u00e9s del primer marcador de posici\u00f3n; ambos deben estar en la misma l\u00ednea. Al construir un payload de cadena coincidente, el atacante puede inyectar SQL para alterar la consulta, evitando las protecciones que las consultas parametrizadas brindan contra los ataques de inyecci\u00f3n SQL. Las versiones anteriores a 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9 y 42.2.8 se ven afectadas."}], "lastModified": "2025-11-03T22:16:40.287", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql_jdbc_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51F0F89A-760E-4592-B142-0A28A0BCD61F", "versionEndExcluding": "42.2.28"}, {"criteria": "cpe:2.3:a:postgresql:postgresql_jdbc_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AF8DB08-81BB-48AD-85E5-B05220E49EA6", "versionEndExcluding": "42.3.9", "versionStartIncluding": "42.3.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql_jdbc_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3453F9D3-2F9E-493F-8993-4F2A9B9E53F2", "versionEndExcluding": "42.4.4", "versionStartIncluding": "42.4.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql_jdbc_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99C07B95-DBCC-4DB2-9896-2F7A98CEC91B", "versionEndExcluding": "42.5.5", "versionStartIncluding": "42.5.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql_jdbc_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F30ED3D3-46C8-49D8-BF6F-B804CF8FF02C", "versionEndExcluding": "42.6.1", "versionStartIncluding": "42.6.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql_jdbc_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F88E552-40D4-4287-9357-00D352133ADC", "versionEndExcluding": "42.7.2", "versionStartIncluding": "42.7.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"}], "operator": "OR"}]}], "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007"}