{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-07-14T00:00:00", "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-08-05T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2016:1429", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2016:1429"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.jboss.org/browse/DASHBUILDE-113"}, {"name": "RHSA-2016:1428", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2016:1428"}, {"name": "91795", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/91795"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/dashbuilder/dashbuilder/commit/8574899e3b6455547b534f570b2330ff772e524b"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349990"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T00:46:40.208Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2016:1429", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2016:1429"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.jboss.org/browse/DASHBUILDE-113"}, {"name": "RHSA-2016:1428", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2016:1428"}, {"name": "91795", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/91795"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/dashbuilder/dashbuilder/commit/8574899e3b6455547b534f570b2330ff772e524b"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349990"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-4999", "datePublished": "2016-08-05T15:00:00", "dateReserved": "2016-05-24T00:00:00", "dateUpdated": "2024-08-06T00:46:40.208Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:dashbuilder:*:*:*:*:*:*:*:*", "matchCriteriaId": "1ED5A7B1-DA21-44A1-9FF2-5C26C2C52822", "versionEndIncluding": "0.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7750C45E-4D02-45D5-A3AA-CF024C20AC8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_bpm_suite:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F14A3B7C-47B4-482B-AA65-023B52D60A7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_bpm_suite:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "9F28AF41-2266-48E3-A475-0ACE68D75E5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_bpm_suite:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "AF3A358D-6C92-4EB0-BE6F-CF717E38ECAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_bpm_suite:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "39DE3F7F-D2F3-4535-A333-B783DF212349", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CDC2527-97FE-409D-8DD6-78E085CC73C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A6B1CE36-5131-425D-90BD-FC597F27B3E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA0930C5-C483-414C-879D-029FDE8251C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96916FF0-C1EE-4510-9268-2EF1D6B2F8BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "AA93B32E-74E8-4F3A-BF59-38A3D9EB55BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B9C1AF8D-EB33-4223-B2E8-163780047D90", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8F8A920-EEA3-4854-B9BB-02B07F28F07A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "96F484CB-BF43-4ADD-8003-4E8852D93A62", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en el m\u00e9todo getStringParameterSQL en main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java en Dashbuilder en versiones anteriores a 0.6.0.Beta1 permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de un filtro de b\u00fasqueda de conjunto de datos en (1) Data Set Authoring o (2) Displayer editor UI."}], "id": "CVE-2016-4999", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-08-05T15:59:06.987", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/91795"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2016:1428"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2016:1429"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349990"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://github.com/dashbuilder/dashbuilder/commit/8574899e3b6455547b534f570b2330ff772e524b"}, {"source": "secalert@redhat.com", "tags": ["Permissions Required"], "url": "https://issues.jboss.org/browse/DASHBUILDE-113"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/91795"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2016:1428"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2016:1429"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349990"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/dashbuilder/dashbuilder/commit/8574899e3b6455547b534f570b2330ff772e524b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://issues.jboss.org/browse/DASHBUILDE-113"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by David Gutierrez (Red Hat).", "affected_release": [{"advisory": "RHSA-2016:1429", "cpe": "cpe:/a:redhat:jboss_bpms:6.3", "product_name": "Red Hat JBoss BPMS 6.3", "release_date": "2016-07-14T00:00:00Z"}, {"advisory": "RHSA-2016:1428", "cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:6.3", "product_name": "Red Hat JBoss BRMS 6.3", "release_date": "2016-07-14T00:00:00Z"}], "bugzilla": {"description": "Dashbuilder: SQL Injection on data set lookup filters", "id": "1349990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349990"}, "csaw": false, "cvss": {"cvss_base_score": "6.5", "cvss_scoring_vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "status": "verified"}, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-89", "details": ["SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI.", "A security flaw was found in the way Dashbuilder performed SQL datasets lookup requests in the Data Set Authoring UI or the Displayer editor UI. A remote attacker could use this flaw to conduct SQL injection attacks via specially-crafted string filter parameter."], "name": "CVE-2016-4999", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform", "fix_state": "Affected", "package_name": "dashbuilder", "product_name": "Red Hat BPM Suite 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:6", "fix_state": "Affected", "package_name": "dashbuilder", "product_name": "Red Hat JBoss BRMS 6"}], "public_date": "2016-07-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-4999\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-4999"], "threat_severity": "Important"}