CVE-2023-36663

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-36663

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-36663.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-36663

Published

2023-06-25T21:15:11.967Z

Modified

2025-11-20T12:13:57.653849Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interface.

References

Affected packages

Git / github.com/it-novum/openitcockpit

Affected ranges

Type: GIT
Repo: https://github.com/it-novum/openitcockpit
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

05dc72eaffcc5de0b91feed7726a32987741d4f5

Affected versions

openITCOCKPIT-3.*

openITCOCKPIT-3.0.10

openITCOCKPIT-3.0.10-10

openITCOCKPIT-3.0.10-12

openITCOCKPIT-3.0.10-13

openITCOCKPIT-3.0.10-14

openITCOCKPIT-3.0.10-15

openITCOCKPIT-3.0.10-16

openITCOCKPIT-3.0.10-4

openITCOCKPIT-3.0.10-5

openITCOCKPIT-3.0.10-6

openITCOCKPIT-3.0.10-8

openITCOCKPIT-3.0.11

openITCOCKPIT-3.0.11-3

openITCOCKPIT-3.0.11-4

openITCOCKPIT-3.0.11-6

openITCOCKPIT-3.0.11-7

openITCOCKPIT-3.0.11-8

openITCOCKPIT-3.0.4

openITCOCKPIT-3.0.6-1

openITCOCKPIT-3.0.7

openITCOCKPIT-3.0.8

openITCOCKPIT-3.0.8-2

openITCOCKPIT-3.0.9

openITCOCKPIT-3.1.0

openITCOCKPIT-3.1.1

openITCOCKPIT-3.1.5

openITCOCKPIT-3.2.0

openITCOCKPIT-3.3.0

openITCOCKPIT-3.3.0-3

openITCOCKPIT-3.4.2

openITCOCKPIT-3.4.3

openITCOCKPIT-3.5.0

openITCOCKPIT-3.6.0

openITCOCKPIT-3.6.1

openITCOCKPIT-3.6.1-2

openITCOCKPIT-3.7.1

openITCOCKPIT-3.7.2

openITCOCKPIT-4.*

openITCOCKPIT-4.0.4

openITCOCKPIT-4.0.4-1

openITCOCKPIT-4.0.5

openITCOCKPIT-4.1.0

openITCOCKPIT-4.1.1

openITCOCKPIT-4.1.2

openITCOCKPIT-4.1.3

openITCOCKPIT-4.1.4

openITCOCKPIT-4.2.1

openITCOCKPIT-4.2.2

openITCOCKPIT-4.2.3

openITCOCKPIT-4.3.0

openITCOCKPIT-4.3.1

openITCOCKPIT-4.3.2

openITCOCKPIT-4.3.3

openITCOCKPIT-4.4.0

openITCOCKPIT-4.4.1

openITCOCKPIT-4.5.0

openITCOCKPIT-4.5.1

openITCOCKPIT-4.5.2

openITCOCKPIT-4.5.3

openITCOCKPIT-4.5.4

openITCOCKPIT-4.5.5

openITCOCKPIT-4.6.0

openITCOCKPIT-4.6.1

openITCOCKPIT-4.6.2

openITCOCKPIT-4.6.3

openITCOCKPIT-4.6.4

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-36663.json"