CVE-2014-3704 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2014-3704?

CVE-2014-3704 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-3704?

Check the references section above for vendor advisories and patch information. Affected products include: Drupal Drupal, Debian Debian Linux.

Vulnerability Description

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Drupal	Drupal	>= 7.0, < 7.32
Debian	Debian Linux	7.0

Related Weaknesses (CWE)

CWE-89

References

http://osvdb.org/show/osvdb/113371Broken Link
http://packetstormsecurity.com/files/128720/Drupal-7.X-SQL-Injection.htmlExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/128721/Drupal-7.31-SQL-Injection.htmlExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/128741/Drupal-HTTP-Parameter-Key-Value-SQL-ExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2014/Oct/75ExploitMailing ListPatch
http://secunia.com/advisories/59972Third Party Advisory
http://www.debian.org/security/2014/dsa-3051Third Party Advisory
http://www.exploit-db.com/exploits/34984ExploitThird Party AdvisoryVDB Entry
http://www.exploit-db.com/exploits/34992ExploitThird Party AdvisoryVDB Entry
http://www.exploit-db.com/exploits/34993ExploitThird Party AdvisoryVDB Entry
http://www.exploit-db.com/exploits/35150ExploitThird Party AdvisoryVDB Entry
http://www.openwall.com/lists/oss-security/2014/10/15/23ExploitMailing ListPatch
http://www.securityfocus.com/archive/1/533706/100/0/threadedThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/70595Third Party AdvisoryVDB Entry
https://www.drupal.org/SA-CORE-2014-005PatchVendor Advisory

FAQ

What is CVE-2014-3704?

CVE-2014-3704 is a vulnerability with a CVSS score of 7.5 (HIGH). The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection atta...

How severe is CVE-2014-3704?

CVE-2014-3704 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-3704?

Check the references section above for vendor advisories and patch information. Affected products include: Drupal Drupal, Debian Debian Linux.