Description

SQL injection vulnerability in the upgrade process for SQL Server in Liferay Portal 7.3.1 through 7.4.3.17, and Liferay DXP 7.3 before update 6, and 7.4 before update 18 allows attackers to execute arbitrary SQL commands via the name of a database table's primary key index. This vulnerability is only exploitable when chained with other attacks. To exploit this vulnerability, the attacker must modify the database and wait for the application to be upgraded.

Remediation

References

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33945

Related Vulnerabilities

CVE-2022-42123 Vulnerability in maven package com.liferay:com.liferay.portal.search.elasticsearch7.impl

CVE-2022-31679 Vulnerability in maven package org.springframework.data:spring-data-rest-webmvc

CVE-2023-40014 Vulnerability in npm package @openzeppelin/contracts

CVE-2012-2378 Vulnerability in maven package org.apache.cxf:cxf-bundle-minimal

CVE-2017-5641 Vulnerability in maven package com.adobe.blazeds:flex-messaging-core

Severity

Critical

Classification

CWE-89 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Vendor Advisory