cvelistv5 - cve-2014-3704

CVE-2014-3704 (GCVE-0-2014-3704)

Vulnerability from cvelistv5

Published

2014-10-16 00:00

Modified

2024-08-06 10:50

Severity ?

CWE

Summary

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.

References

URL

Tags

	https://www.drupal.org/SA-CORE-2014-005	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2014/Oct/75	mailing-list, x_refsource_FULLDISC
	http://www.securityfocus.com/archive/1/533706/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html	x_refsource_MISC
	http://www.exploit-db.com/exploits/34984	exploit, x_refsource_EXPLOIT-DB
	http://www.exploit-db.com/exploits/35150	exploit, x_refsource_EXPLOIT-DB
	http://www.openwall.com/lists/oss-security/2014/10/15/23	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/59972	third-party-advisory, x_refsource_SECUNIA
	http://packetstormsecurity.com/files/128741/Drupal-HTTP-Parameter-Key-Value-SQL-Injection.html	x_refsource_MISC
	http://www.exploit-db.com/exploits/34992	exploit, x_refsource_EXPLOIT-DB
	http://www.debian.org/security/2014/dsa-3051	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/70595	vdb-entry, x_refsource_BID
	http://www.exploit-db.com/exploits/34993	exploit, x_refsource_EXPLOIT-DB
	http://packetstormsecurity.com/files/128721/Drupal-7.31-SQL-Injection.html	x_refsource_MISC
	http://osvdb.org/show/osvdb/113371	vdb-entry, x_refsource_OSVDB
	https://www.sektioneins.de/en/blog/14-11-03-drupal-sql-injection-vulnerability-PoC.html	x_refsource_MISC
	http://packetstormsecurity.com/files/128720/Drupal-7.X-SQL-Injection.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:50:17.990Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.drupal.org/SA-CORE-2014-005"
          },
          {
            "name": "20141016 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/75"
          },
          {
            "name": "20141015 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533706/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html"
          },
          {
            "name": "34984",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/34984"
          },
          {
            "name": "35150",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/35150"
          },
          {
            "name": "[oss-security] 20141015 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/10/15/23"
          },
          {
            "name": "59972",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59972"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128741/Drupal-HTTP-Parameter-Key-Value-SQL-Injection.html"
          },
          {
            "name": "34992",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/34992"
          },
          {
            "name": "DSA-3051",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3051"
          },
          {
            "name": "70595",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70595"
          },
          {
            "name": "34993",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/34993"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128721/Drupal-7.31-SQL-Injection.html"
          },
          {
            "name": "113371",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/show/osvdb/113371"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sektioneins.de/en/blog/14-11-03-drupal-sql-injection-vulnerability-PoC.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128720/Drupal-7.X-SQL-Injection.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.drupal.org/SA-CORE-2014-005"
        },
        {
          "name": "20141016 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/75"
        },
        {
          "name": "20141015 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533706/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html"
        },
        {
          "name": "34984",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/34984"
        },
        {
          "name": "35150",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/35150"
        },
        {
          "name": "[oss-security] 20141015 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/10/15/23"
        },
        {
          "name": "59972",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59972"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128741/Drupal-HTTP-Parameter-Key-Value-SQL-Injection.html"
        },
        {
          "name": "34992",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/34992"
        },
        {
          "name": "DSA-3051",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3051"
        },
        {
          "name": "70595",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70595"
        },
        {
          "name": "34993",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/34993"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128721/Drupal-7.31-SQL-Injection.html"
        },
        {
          "name": "113371",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/show/osvdb/113371"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sektioneins.de/en/blog/14-11-03-drupal-sql-injection-vulnerability-PoC.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128720/Drupal-7.X-SQL-Injection.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-3704",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.drupal.org/SA-CORE-2014-005",
              "refsource": "CONFIRM",
              "url": "https://www.drupal.org/SA-CORE-2014-005"
            },
            {
              "name": "20141016 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/75"
            },
            {
              "name": "20141015 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533706/100/0/threaded"
            },
            {
              "name": "https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html",
              "refsource": "MISC",
              "url": "https://www.sektioneins.de/en/advisories/advisory-012014-drupal-pre-auth-sql-injection-vulnerability.html"
            },
            {
              "name": "34984",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/34984"
            },
            {
              "name": "35150",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/35150"
            },
            {
              "name": "[oss-security] 20141015 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/10/15/23"
            },
            {
              "name": "59972",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59972"
            },
            {
              "name": "http://packetstormsecurity.com/files/128741/Drupal-HTTP-Parameter-Key-Value-SQL-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128741/Drupal-HTTP-Parameter-Key-Value-SQL-Injection.html"
            },
            {
              "name": "34992",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/34992"
            },
            {
              "name": "DSA-3051",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3051"
            },
            {
              "name": "70595",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70595"
            },
            {
              "name": "34993",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/34993"
            },
            {
              "name": "http://packetstormsecurity.com/files/128721/Drupal-7.31-SQL-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128721/Drupal-7.31-SQL-Injection.html"
            },
            {
              "name": "113371",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/show/osvdb/113371"
            },
            {
              "name": "https://www.sektioneins.de/en/blog/14-11-03-drupal-sql-injection-vulnerability-PoC.html",
              "refsource": "MISC",
              "url": "https://www.sektioneins.de/en/blog/14-11-03-drupal-sql-injection-vulnerability-PoC.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/128720/Drupal-7.X-SQL-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128720/Drupal-7.X-SQL-Injection.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-3704",
    "datePublished": "2014-10-16T00:00:00.000Z",
    "dateReserved": "2014-05-14T00:00:00.000Z",
    "dateUpdated": "2024-08-06T10:50:17.990Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2014-ALE-008

Vulnerability from certfr_alerte

Une vulnérabilité a été découverte dans Drupal. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance sans authentification préalable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Drupal core, versions 7.x antérieures à 7.32

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Drupal du 15 octobre 2014

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eDrupal core, versions 7.x ant\u00e9rieures \u00e0 7.32\u003c/P\u003e",
  "closed_at": "2015-01-30",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-3704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3704"
    }
  ],
  "initial_release_date": "2014-10-16T00:00:00",
  "last_revision_date": "2015-01-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2014-ALE-008",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2014-10-16T00:00:00.000000"
    },
    {
      "description": "fermeture de l\u0027alerte.",
      "revision_date": "2015-01-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan\nclass=\"textit\"\u003eDrupal\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance sans authentification\npr\u00e9alable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Drupal",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Drupal du 15 octobre 2014",
      "url": "https://www.drupal.org/SA-CORE-2014-005"
    }
  ]
}

CERTFR-2014-AVI-434

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans Drupal. Elle permet à un attaquant de provoquer une injection de requêtes SQL, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Drupal 7 versions antérieures à 7.32

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Drupal SA-CORE-2014-005 du 15 octobre 2014	None	vendor-advisory
Bulletin de sécurité Drupal SA-CORE-2014-005 du 15 octobre 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eDrupal 7 versions ant\u00e9rieures \u00e0 7.32\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-3704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3704"
    }
  ],
  "initial_release_date": "2014-10-16T00:00:00",
  "last_revision_date": "2014-10-16T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Drupal SA-CORE-2014-005 du 15 octobre    2014",
      "url": "https://www.drupal.org/SA-CORE-2014-005"
    }
  ],
  "reference": "CERTFR-2014-AVI-434",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-10-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection SQL"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan\nclass=\"textit\"\u003eDrupal\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer\nune injection de requ\u00eates SQL, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Drupal",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Drupal SA-CORE-2014-005 du 15 octobre 2014",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2014-3704 (GCVE-0-2014-3704)

Vulnerability from cvelistv5

CERTFR-2014-ALE-008

Vulnerability from certfr_alerte

Solution

CERTFR-2014-AVI-434

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature