CVE-2021-36722 - Vulnerability Details - OpenCVE

Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx code and the webroot location , information an attacker can leverage to further compromise the host.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Emuse - Eservices \/ Envoice Project	Emuse - Eservices \/ Envoice

Configuration 1 [-]

cpe:2.3:a:emuse_-_eservices_\/_envoice_project:emuse_-_eservices_\/_envoice:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.gov.il/en/departments/faq/cve_advisories

History

Mon, 16 Sep 2024 18:45:00 +0000

Type	Values Removed	Values Added
Title	Emuse - eServices / eNvoice SQL injection	Emuse - eServices / eNvoice SQL injection

MITRE

Status: PUBLISHED

Assigner: INCD

Published: 2021-12-29T14:13:38.766729Z

Updated: 2024-09-16T18:38:48.510Z

Reserved: 2021-07-12T00:00:00

Link: CVE-2021-36722

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-12-29T15:15:07.757

Modified: 2024-11-21T06:13:58.780

Link: CVE-2021-36722

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "eServices / eNvoice", "vendor": "Emuse", "versions": [{"status": "affected", "version": "Production"}]}], "credits": [{"lang": "en", "value": "Simon Kenin - ClearSky Cyber Security Ltd."}], "datePublic": "2021-12-28T00:00:00", "descriptions": [{"lang": "en", "value": "Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx code and the webroot location , information an attacker can leverage to further compromise the host."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 SQL Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-12-29T14:13:38", "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "shortName": "INCD"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.gov.il/en/departments/faq/cve_advisories"}], "solutions": [{"lang": "en", "value": "The sql injection vulnerability was fixed by Escaping All User-Supplied Input"}], "source": {"advisory": "ILVN-2021-0007", "defect": ["ILVN-2021-0007"], "discovery": "EXTERNAL"}, "title": "Emuse - eServices / eNvoice SQL injection", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@cyber.gov.il", "DATE_PUBLIC": "2021-12-28T11:43:00.000Z", "ID": "CVE-2021-36722", "STATE": "PUBLIC", "TITLE": "Emuse - eServices / eNvoice SQL injection"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "eServices / eNvoice", "version": {"version_data": [{"version_name": "Production", "version_value": "Production"}]}}]}, "vendor_name": "Emuse"}]}}, "credit": [{"lang": "eng", "value": "Simon Kenin - ClearSky Cyber Security Ltd."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx code and the webroot location , information an attacker can leverage to further compromise the host."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-89 SQL Injection"}]}]}, "references": {"reference_data": [{"name": "https://www.gov.il/en/departments/faq/cve_advisories", "refsource": "CONFIRM", "url": "https://www.gov.il/en/departments/faq/cve_advisories"}]}, "solution": [{"lang": "en", "value": "The sql injection vulnerability was fixed by Escaping All User-Supplied Input"}], "source": {"advisory": "ILVN-2021-0007", "defect": ["ILVN-2021-0007"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:01:59.375Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.gov.il/en/departments/faq/cve_advisories"}]}]}, "cveMetadata": {"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "assignerShortName": "INCD", "cveId": "CVE-2021-36722", "datePublished": "2021-12-29T14:13:38.766729Z", "dateReserved": "2021-07-12T00:00:00", "dateUpdated": "2024-09-16T18:38:48.510Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:emuse_-_eservices_\\/_envoice_project:emuse_-_eservices_\\/_envoice:-:*:*:*:*:*:*:*", "matchCriteriaId": "70AAB657-22E4-4C6C-9CA3-F3F57F141E59", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containig Sensetive Information, showing parts of the aspx code and the webroot location , information an attacker can leverage to further compromise the host."}, {"lang": "es", "value": "La inyecci\u00f3n SQL de Emuse - eServices / eNvoice puede ser usada de varias formas que van desde omitir la autenticaci\u00f3n de inicio de sesi\u00f3n o volcar toda la base de datos hasta un RCE completo en los endpoints afectados. El SQLi causado por CWE-209: Generaci\u00f3n de Mensajes de Error con Informaci\u00f3n Confidencial, que muestra partes del c\u00f3digo aspx y la ubicaci\u00f3n del webroot , informaci\u00f3n que un atacante puede aprovechar para comprometer a\u00fan m\u00e1s el host"}], "id": "CVE-2021-36722", "lastModified": "2024-11-21T06:13:58.780", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "cna@cyber.gov.il", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-29T15:15:07.757", "references": [{"source": "cna@cyber.gov.il", "tags": ["Third Party Advisory"], "url": "https://www.gov.il/en/departments/faq/cve_advisories"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.gov.il/en/departments/faq/cve_advisories"}], "sourceIdentifier": "cna@cyber.gov.il", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "cna@cyber.gov.il", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}