CVE-2022-34132

9.8 CRITICAL

📋 TL;DR

CVE-2022-34132 is a SQL injection vulnerability in Benjamin BALET Jorani v1.0 that allows attackers to execute arbitrary SQL commands via the id parameter in the Leaves.php controller. This affects all users running the vulnerable version of Jorani, potentially compromising the entire database.

💻 Affected Systems

Products:
  • Benjamin BALET Jorani
Versions: Version 1.0
Operating Systems: All operating systems running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the default installation of Jorani v1.0. The vulnerability is in the core application code.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data manipulation, privilege escalation, and potential remote code execution via database functions.

🟠 Likely Case

Unauthorized data access, extraction of sensitive employee information, and potential authentication bypass.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH - Web applications exposed to the internet are directly accessible to attackers.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit the vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploiting the SQL injection through the id parameter requires an authenticated session, but it is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit c5c42e29e6a9e59a3c82450bef48b67b8dd48333

Vendor Advisory: https://github.com/bbalet/jorani/commit/c5c42e29e6a9e59a3c82450bef48b67b8dd48333

Restart Required: No

Instructions:

1. Update to the latest Jorani version.
2. Apply the specific commit c5c42e29e6a9e59a3c82450bef48b67b8dd48333.
3. Replace vulnerable Leaves.php with patched version.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement strict input validation for the id parameter to only accept numeric values.

Modify application/controllers/Leaves.php to validate id parameter as integer

WAF Rule

all

Deploy web application firewall rules to block SQL injection patterns in id parameter.

Add WAF rule: Detect SQL injection patterns in POST/GET parameters

🧯 If You Can't Patch

  • Implement network segmentation to isolate Jorani from critical databases
  • Enable detailed logging and monitoring for SQL injection attempts

🔍 How to Verify

Check if Vulnerable:

Check whether you are running Jorani v1.0 and examine application/controllers/Leaves.php for unparameterized SQL queries that use the id parameter.

Check Version:

Check Jorani version in application configuration or via git log

Verify Fix Applied:

Verify that application/controllers/Leaves.php uses parameterized queries or proper input validation for the id parameter.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed login attempts followed by SQL errors
  • Unexpected database access patterns

Network Indicators:

  • SQL injection patterns in HTTP requests to Leaves.php
  • Unusual database connection spikes

SIEM Query:

source="jorani.log" AND ("SQL syntax" OR "id='" OR "UNION SELECT")
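
An allowlist version of the network indicator above, as an added example (not Jorani code and not from the vendor): it flags access-log requests to the leaves controller whose id is not a plain integer, which also catches payloads the pattern query misses. The /leaves/... route, the query-string id and the combined log format are assumptions; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request and status fields of a combined-format access log line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def check_line(line):
    """Return a finding for a suspicious request to the leaves controller, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if "/leaves" not in url.path.lower():
        return None
    reasons = []
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name != "id":
            continue
        # Allowlist: the workaround on this page accepts numeric ids only.
        if not re.fullmatch(r"[0-9]{1,10}", value):
            reasons.append("non-numeric id")
        # Pattern from the SIEM query on this page, checked after URL decoding.
        if "union select" in value.lower():
            reasons.append("UNION SELECT in id")
    if not reasons:
        return None
    return {"status": int(m.group("status")), "target": m.group("target"), "reasons": reasons}

def scan(lines):
    """Run check_line over an iterable of log lines and keep the findings."""
    return [finding for finding in map(check_line, lines) if finding]

# Constructed sample lines (not real traffic). The route /leaves/view and the
# query-string id are assumptions made for this example.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jul/2022:10:00:01 +0000] "GET /leaves/view?id=42 HTTP/1.1" 200 5120',
    '10.0.0.9 - - [01/Jul/2022:10:00:07 +0000] "GET /leaves/view?id=42%27%20UNION%20SELECT%201 HTTP/1.1" 500 312',
    '10.0.0.9 - - [01/Jul/2022:10:00:09 +0000] "GET /leaves/view?id=abc HTTP/1.1" 200 901',
    '10.0.0.7 - - [01/Jul/2022:10:00:11 +0000] "GET /users?id=x HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

POST body parameters do not appear in access logs, so this covers only ids carried in the URL. A flagged request that also returned a 5xx status is the first one to correlate with SQL errors in the application log.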
