Vulnerability-Lookup

CNVD-2015-03457

Vulnerability from cnvd - Published: 2015-05-29

Title

OSIsoft PI AF和PI SQL for AF命令限制绕过漏洞

Description

OSIsoft PI AF（Asset Framework）是一套可为资产定义一致的呈现方式并提供结构化信息的资产框架，它支持将资产属性与关系数据库进行关联、基于资产的数据分析和应用计算等。PI SQL for AF是一个SQL访问接口。 OSIsoft PI AF和2.7版本和PI SQL for AF存在安全漏洞，由于程序可以向PI SQL(AF)Trusted Users组插入Everyone账户，允许远程攻击者通过特殊的SQL语句绕过命令限制，执行未授权操作。

Severity

中

Patch Name

OSIsoft PI AF和PI SQL for AF命令限制绕过漏洞的补丁

Patch Description

OSIsoft PI AF（Asset Framework）是一套可为资产定义一致的呈现方式并提供结构化信息的资产框架，它支持将资产属性与关系数据库进行关联、基于资产的数据分析和应用计算等。PI SQL for AF是一个SQL访问接口。OSIsoft PI AF和2.7版本和PI SQL for AF存在安全漏洞，由于程序可以向PI SQL(AF)Trusted Users组插入Everyone账户，允许远程攻击者通过特殊的SQL语句绕过命令限制，执行未授权操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00280

Reference

https://ics-cert.us-cert.gov/advisories/ICSA-15-132-01

Impacted products

Name
['OSISoft PI AF 2.6', 'OSISoft PI AF 2.7', 'OSISoft PI SQL for AF 2.1.2.19']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-1013"
    }
  },
  "description": "OSIsoft PI AF\uff08Asset Framework\uff09\u662f\u4e00\u5957\u53ef\u4e3a\u8d44\u4ea7\u5b9a\u4e49\u4e00\u81f4\u7684\u5448\u73b0\u65b9\u5f0f\u5e76\u63d0\u4f9b\u7ed3\u6784\u5316\u4fe1\u606f\u7684\u8d44\u4ea7\u6846\u67b6\uff0c\u5b83\u652f\u6301\u5c06\u8d44\u4ea7\u5c5e\u6027\u4e0e\u5173\u7cfb\u6570\u636e\u5e93\u8fdb\u884c\u5173\u8054\u3001\u57fa\u4e8e\u8d44\u4ea7\u7684\u6570\u636e\u5206\u6790\u548c\u5e94\u7528\u8ba1\u7b97\u7b49\u3002PI SQL for AF\u662f\u4e00\u4e2aSQL\u8bbf\u95ee\u63a5\u53e3\u3002\r\n\r\nOSIsoft PI AF\u548c2.7\u7248\u672c\u548cPI SQL for AF\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u53ef\u4ee5\u5411PI SQL(AF)Trusted Users\u7ec4\u63d2\u5165Everyone\u8d26\u6237\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u6b8a\u7684SQL\u8bed\u53e5\u7ed5\u8fc7\u547d\u4ee4\u9650\u5236\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002",
  "discovererName": "OSIsoft",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://techsupport.osisoft.com/Troubleshooting/Alerts/AL00280",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-03457",
  "openTime": "2015-05-29",
  "patchDescription": "OSIsoft PI AF\uff08Asset Framework\uff09\u662f\u4e00\u5957\u53ef\u4e3a\u8d44\u4ea7\u5b9a\u4e49\u4e00\u81f4\u7684\u5448\u73b0\u65b9\u5f0f\u5e76\u63d0\u4f9b\u7ed3\u6784\u5316\u4fe1\u606f\u7684\u8d44\u4ea7\u6846\u67b6\uff0c\u5b83\u652f\u6301\u5c06\u8d44\u4ea7\u5c5e\u6027\u4e0e\u5173\u7cfb\u6570\u636e\u5e93\u8fdb\u884c\u5173\u8054\u3001\u57fa\u4e8e\u8d44\u4ea7\u7684\u6570\u636e\u5206\u6790\u548c\u5e94\u7528\u8ba1\u7b97\u7b49\u3002PI SQL for AF\u662f\u4e00\u4e2aSQL\u8bbf\u95ee\u63a5\u53e3\u3002OSIsoft PI AF\u548c2.7\u7248\u672c\u548cPI SQL for AF\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u53ef\u4ee5\u5411PI SQL(AF)Trusted Users\u7ec4\u63d2\u5165Everyone\u8d26\u6237\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u6b8a\u7684SQL\u8bed\u53e5\u7ed5\u8fc7\u547d\u4ee4\u9650\u5236\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "OSIsoft PI AF\u548cPI SQL for AF\u547d\u4ee4\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "OSISoft PI AF 2.6",
      "OSISoft PI AF 2.7",
      "OSISoft PI SQL for AF 2.1.2.19"
    ]
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-15-132-01",
  "serverity": "\u4e2d",
  "submitTime": "2015-05-26",
  "title": "OSIsoft PI AF\u548cPI SQL for AF\u547d\u4ee4\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2015-1013 (GCVE-0-2015-1013)

Vulnerability from cvelistv5 – Published: 2015-05-26 01:00 – Updated: 2024-08-06 04:26

Summary

OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended command restrictions via SQL statements.

Severity ?

No CVSS data available.

CWE

Assigner

icscert

References

URL

Tags

	https://techsupport.osisoft.com/Troubleshooting/A…	x_refsource_CONFIRM
	https://ics-cert.us-cert.gov/advisories/ICSA-15-132-01	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:26:11.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00280"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-132-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended command restrictions via SQL statements."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-05-26T01:57:00",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00280"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-132-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2015-1013",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended command restrictions via SQL statements."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00280",
              "refsource": "CONFIRM",
              "url": "https://techsupport.osisoft.com/Troubleshooting/Alerts/AL00280"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-132-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-132-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2015-1013",
    "datePublished": "2015-05-26T01:00:00",
    "dateReserved": "2015-01-10T00:00:00",
    "dateUpdated": "2024-08-06T04:26:11.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2015-03457

CVE-2015-1013 (GCVE-0-2015-1013)

Tags

Sightings

Nomenclature