CVE-2022-31196
HIGH: databasir <= 1.0.6 - Server-Side Request Forgery via JDBC Driver File URL
Databasir is a database metadata management platform. Databasir <= 1.0.6 has a Server-Side Request Forgery (SSRF) vulnerability. The SSRF is triggered by sending a **single** HTTP POST request to create a databaseType. By supplying a `jdbcDriverFileUrl` that returns a non-`200` response code, the URL is fetched server-side, and the response is logged (both in the terminal and in the database) and included in the HTTP response. This would allow an attacker to obtain the server's real IP address and scan intranet information. This issue was fixed in version 1.0.7.
References (3)
Exploit, Third Party Advisory x_refsource_confirm
https://github.com/vran-dev/databasir/security/advisories/GHSA-qvg8-427f-852q
Patch, Third Party Advisory x_refsource_misc
https://github.com/vran-dev/databasir/commit/226c20e0c9124037671a91d6b3e5083bd2462058
Release Notes, Third Party Advisory x_refsource_misc
https://github.com/vran-dev/databasir/releases/tag/v1.0.7
Scores
CVSS v3
7.6
EPSS
0.0079
EPSS Percentile
51.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-918
Status
published
Products (1)
databasir/databasir
< 1.0.7
Published
Sep 02, 2022
Tracked Since
Feb 18, 2026