CVE-2024-6980


A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue affects only on-premises GravityZone Console versions before 6.38.1-5.
https://nvd.nist.gov/vuln/detail/CVE-2024-6980

Categories

CWE-209 : Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.

This weakness generally requires domain-specific interpretation using manual analysis. However, the number of potential error conditions may be too large to cover completely within limited time constraints. Automated methods may be able to detect certain idioms automatically, such as exposed stack traces or pathnames, but violation of business rules or privacy requirements is not typically feasible.

Identify error conditions that are not likely to occur during normal usage and trigger them. For example, run the program under low memory conditions, run with insufficient privileges or permissions, interrupt a transaction before it is completed, or disable connectivity to basic network services such as DNS. Monitor the software for any unexpected behavior. If you trigger an unhandled exception or similar error that was discovered and handled by the application's environment, it may still indicate unexpected conditions that were not handled by the application itself.

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.).

Handle exceptions internally and do not display errors containing potentially sensitive information to a user. Use naming conventions and strong types to make it easier to spot when sensitive data is being used. When creating structures, objects, or other complex entities, separate the sensitive and non-sensitive data as much as possible.

Debugging information should not make its way into a production release. Where available, configure the environment to use less verbose error messages. For example, in PHP, disable the display_errors setting during configuration, or at runtime using the error_reporting() function. Create default error pages or messages that do not leak any information.

POP3 server reveals a password in an error message after multiple APOP commands are sent. Might be resultant from another weakness.
Program reveals password in error message if attacker can trigger certain database errors.
Composite: application running with high privileges (CWE-250) allows user to specify a restricted file to process, which generates a parsing error that leaks the contents of the file (CWE-209).
Existence of user names can be determined by requesting a nonexistent blog and reading the error message.
Direct request to library file in web application triggers pathname leak in error message.
Malformed input to login page causes leak of full path when IMAP call fails.
Malformed regexp syntax leads to information exposure in error message.
Verbose logging stores admin credentials in a world-readable log file.
SSH password for private key stored in build log.

EXPLOITS


Exploit-db.com

id description date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
No known exploits


CAPEC


Common Attack Pattern Enumerations and Classifications

id | description | severity
215 | Fuzzing for application mapping | Low
463 | Padding Oracle Crypto Attack | High
54 | Query System for Information | Low
7 | Blind SQL Injection | High