CVE-2023-52082 - Vulnerability Details - OpenCVE

Lychee is a free photo-management tool. Prior to 5.0.2, Lychee is vulnerable to an SQL injection on any binding when using mysql/mariadb. This injection is only active for users with the `.env` settings set to DB_LOG_SQL=true and DB_LOG_SQL_EXPLAIN=true. The defaults settings of Lychee are safe. The patch is provided on version 5.0.2. To work around this issue, disable SQL EXPLAIN logging.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Lycheeorg	Lychee

Configuration 1 [-]

cpe:2.3:a:lycheeorg:lychee:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4
https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4

History

Wed, 27 Nov 2024 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-12-28T15:46:24.291Z

Updated: 2024-11-27T15:32:17.641Z

Reserved: 2023-12-26T17:23:22.235Z

Link: CVE-2023-52082

Vulnrichment

Updated: 2024-08-02T22:48:12.155Z

NVD

Status : Modified

Published: 2023-12-28T16:16:02.290

Modified: 2024-11-21T08:39:08.010

Link: CVE-2023-52082

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52082", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-12-26T17:23:22.235Z", "datePublished": "2023-12-28T15:46:24.291Z", "dateUpdated": "2024-11-27T15:32:17.641Z"}, "containers": {"cna": {"title": "Lychee is vulnerable to an SQL Injection in explain DB queries.", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4"}, {"name": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4", "tags": ["x_refsource_MISC"], "url": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4"}], "affected": [{"vendor": "LycheeOrg", "product": "Lychee", "versions": [{"version": "< 5.0.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-28T15:46:24.291Z"}, "descriptions": [{"lang": "en", "value": "Lychee is a free photo-management tool. Prior to 5.0.2, Lychee is vulnerable to an SQL injection on any binding when using mysql/mariadb. This injection is only active for users with the `.env` settings set to DB_LOG_SQL=true and DB_LOG_SQL_EXPLAIN=true. The defaults settings of Lychee are safe. The patch is provided on version 5.0.2. To work around this issue, disable SQL EXPLAIN logging.\n"}], "source": {"advisory": "GHSA-rjwv-5j3m-p5x4", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:48:12.155Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4"}, {"name": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-27T15:32:03.975898Z", "id": "CVE-2023-52082", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-27T15:32:17.641Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4", "name": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4", "name": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:48:12.155Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52082", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-27T15:32:03.975898Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-27T15:32:12.394Z"}}], "cna": {"title": "Lychee is vulnerable to an SQL Injection in explain DB queries.", "source": {"advisory": "GHSA-rjwv-5j3m-p5x4", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "LycheeOrg", "product": "Lychee", "versions": [{"status": "affected", "version": "< 5.0.2"}]}], "references": [{"url": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4", "name": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4", "name": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Lychee is a free photo-management tool. Prior to 5.0.2, Lychee is vulnerable to an SQL injection on any binding when using mysql/mariadb. This injection is only active for users with the `.env` settings set to DB_LOG_SQL=true and DB_LOG_SQL_EXPLAIN=true. The defaults settings of Lychee are safe. The patch is provided on version 5.0.2. To work around this issue, disable SQL EXPLAIN logging.\n"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-28T15:46:24.291Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52082", "state": "PUBLISHED", "dateUpdated": "2024-11-27T15:32:17.641Z", "dateReserved": "2023-12-26T17:23:22.235Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-12-28T15:46:24.291Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lycheeorg:lychee:*:*:*:*:*:*:*:*", "matchCriteriaId": "28BDD1B9-7255-4D9C-B4B2-EB8D485770EE", "versionEndExcluding": "5.0.2", "versionStartIncluding": "4.9.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Lychee is a free photo-management tool. Prior to 5.0.2, Lychee is vulnerable to an SQL injection on any binding when using mysql/mariadb. This injection is only active for users with the `.env` settings set to DB_LOG_SQL=true and DB_LOG_SQL_EXPLAIN=true. The defaults settings of Lychee are safe. The patch is provided on version 5.0.2. To work around this issue, disable SQL EXPLAIN logging.\n"}, {"lang": "es", "value": "Lychee es una herramienta gratuita de gesti\u00f3n de fotograf\u00edas. Antes de 5.0.2, Lychee es vulnerable a una inyecci\u00f3n SQL en cualquier enlace cuando se usa mysql/mariadb. Esta inyecci\u00f3n solo est\u00e1 activa para usuarios con la configuraci\u00f3n `.env` configurada en DB_LOG_SQL=true y DB_LOG_SQL_EXPLAIN=true. La configuraci\u00f3n predeterminada de Lychee es segura. El parche se proporciona en la versi\u00f3n 5.0.2. Para solucionar este problema, deshabilite el registro SQL EXPLAIN."}], "id": "CVE-2023-52082", "lastModified": "2024-11-21T08:39:08.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-28T16:16:02.290", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security-advisories@github.com", "type": "Secondary"}]}