CVE-2023-25813 - Vulnerability Details - OpenCVE

Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact total

Vendors	Products
Sequelizejs	Sequelize

Configuration 1 [-]

cpe:2.3:a:sequelizejs:sequelize:*:*:*:*:*:node.js:*:*

No data.

References

Link	Providers
https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b
https://github.com/sequelize/sequelize/issues/14519
https://github.com/sequelize/sequelize/releases/tag/v6.19.1
https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw

History

Mon, 10 Mar 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-02-22T18:14:44.579Z

Updated: 2025-03-10T21:07:11.770Z

Reserved: 2023-02-15T16:34:48.773Z

Link: CVE-2023-25813

Vulnrichment

Updated: 2024-08-02T11:32:12.360Z

NVD

Status : Modified

Published: 2023-02-22T19:15:11.777

Modified: 2024-11-21T07:50:15.077

Link: CVE-2023-25813

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-25813", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-02-15T16:34:48.773Z", "datePublished": "2023-02-22T18:14:44.579Z", "dateUpdated": "2025-03-10T21:07:11.770Z"}, "containers": {"cna": {"title": "SQL Injection via replacements in sequelize", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw"}, {"name": "https://github.com/sequelize/sequelize/issues/14519", "tags": ["x_refsource_MISC"], "url": "https://github.com/sequelize/sequelize/issues/14519"}, {"name": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b", "tags": ["x_refsource_MISC"], "url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b"}, {"name": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1"}], "affected": [{"vendor": "sequelize", "product": "sequelize", "versions": [{"version": "< 6.19.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-02-22T18:14:44.579Z"}, "descriptions": [{"lang": "en", "value": "Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query."}], "source": {"advisory": "GHSA-wrh9-cjv3-2hpw", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:32:12.360Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw"}, {"name": "https://github.com/sequelize/sequelize/issues/14519", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sequelize/sequelize/issues/14519"}, {"name": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b"}, {"name": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-10T21:02:23.416082Z", "id": "CVE-2023-25813", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-10T21:07:11.770Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw", "name": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/sequelize/sequelize/issues/14519", "name": "https://github.com/sequelize/sequelize/issues/14519", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b", "name": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1", "name": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:32:12.360Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-25813", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-10T21:02:23.416082Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-10T21:02:24.856Z"}}], "cna": {"title": "SQL Injection via replacements in sequelize", "source": {"advisory": "GHSA-wrh9-cjv3-2hpw", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "sequelize", "product": "sequelize", "versions": [{"status": "affected", "version": "< 6.19.1"}]}], "references": [{"url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw", "name": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/sequelize/sequelize/issues/14519", "name": "https://github.com/sequelize/sequelize/issues/14519", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b", "name": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1", "name": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-02-22T18:14:44.579Z"}}}, "cveMetadata": {"cveId": "CVE-2023-25813", "state": "PUBLISHED", "dateUpdated": "2025-03-10T21:07:11.770Z", "dateReserved": "2023-02-15T16:34:48.773Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-02-22T18:14:44.579Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sequelizejs:sequelize:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "17071F43-EBB2-4A3C-ACD4-8914666046E8", "versionEndExcluding": "6.19.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query."}], "id": "CVE-2023-25813", "lastModified": "2024-11-21T07:50:15.077", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-22T19:15:11.777", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/sequelize/sequelize/issues/14519"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/sequelize/sequelize/issues/14519"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/sequelize/sequelize/releases/tag/v6.19.1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/sequelize/sequelize/security/advisories/GHSA-wrh9-cjv3-2hpw"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}