CVE-2016-4999

CRITICAL

Redhat Dashbuilder < 0.5.0 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI.

Exploits (1)

nomisec STUB

by shanika04 · poc

https://github.com/shanika04/dashbuilder

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/91795

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2016:1428

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2016:1429

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=1349990

[Third Party Advisory] https://github.com/dashbuilder/dashbuilder/commit/8574899e3b6455547b534f570b2330ff772e524b

[Permissions Required] https://issues.jboss.org/browse/DASHBUILDE-113

Scores

CVSS v3 9.8

EPSS 0.0697

EPSS Percentile 91.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-89

Status published

Products (14)

redhat/dashbuilder < 0.5.0

redhat/jboss_bpm_suite 6.0.0

redhat/jboss_bpm_suite 6.0.1

redhat/jboss_bpm_suite 6.0.3

redhat/jboss_bpm_suite 6.1

redhat/jboss_bpm_suite 6.1.2

redhat/jboss_enterprise_brms_platform 5.0.0

redhat/jboss_enterprise_brms_platform 5.3.1

redhat/jboss_enterprise_brms_platform 6.0.0

redhat/jboss_enterprise_brms_platform 6.0.1

... and 4 more

Published Aug 05, 2016

Tracked Since Feb 18, 2026