CVE-2019-14900
MEDIUM
Redhat Openstack < 5.3.18 - SQL Injection
Title source: ruleDescription
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.
Exploits (1)
References (3)
Scores
CVSS v3: 6.5
EPSS: 0.0181
EPSS Percentile: 82.6%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Classification
CWE: CWE-89
Status: published
Affected Products (16)
redhat/openstack
redhat/openstack
redhat/openstack
hibernate/hibernate_orm < 5.3.18
redhat/build_of_quarkus
redhat/decision_manager
redhat/fuse < 7.8.0
redhat/jboss_data_grid
redhat/jboss_enterprise_application_platform
redhat/jboss_middleware_text-only_advisories
redhat/single_sign-on
quarkus/quarkus < 1.5.2
redhat/jboss_enterprise_application_platform
redhat/jboss_enterprise_application_platform
redhat/jboss_enterprise_application_platform
... and 1 more
Timeline
Published: Jul 06, 2020
Tracked Since: Feb 18, 2026