GeoServer SQL Injection

critical Web App Scanning Plugin ID 113959

Language:

Synopsis

GeoServer SQL Injection

Description

The GeoServer instance installed on the remote host is affected by a SQL injection vulnerability due to improper sanitization through an OGC Common Query Language query.

Solution

Apply the appropriate patch according to the vendor advisory or disable the PostGIS Datastore encode functions and enable the PostGIS DataStore preparedStatements setting.

See Also

https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf

Plugin Details

Severity: Critical

ID: 113959

Type: remote

Family: Component Vulnerability

Published: 6/9/2023

Updated: 6/9/2023

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-25157

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS Score Source: CVE-2023-25157

Vulnerability Information

CPE: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/13/2019

Vulnerability Publication Date: 2/21/2023

Reference Information

CVE: CVE-2023-25157

CWE: 89

OWASP: 2010-A1, 2013-A1, 2013-A9, 2017-A1, 2017-A9, 2021-A3, 2021-A6

WASC: SQL Injection

CAPEC: 108, 109, 110, 470, 66, 7

DISA STIG: APSC-DV-002540, APSC-DV-002630

HIPAA: 164.306(a)(1), 164.306(a)(2)

ISO: 27001-A.14.2.5

NIST: sp800_53-CM-6b, sp800_53-SI-10

OWASP API: 2019-API7, 2019-API8, 2023-API8

OWASP ASVS: 4.0.2-14.2.1, 4.0.2-5.3.4

PCI-DSS: 3.2-6.2, 3.2-6.5.1