Login Sign Up

CVE-2023-37924

9.8 CRITICAL
SQL Injection Authentication Bypass

📋 TL;DR

CVE-2023-37924 is an SQL injection vulnerability in Apache Submarine's login functionality that allows attackers to bypass authentication and gain unauthorized access. This affects all Apache Submarine deployments running versions 0.7.0 through 0.8.0. Successful exploitation could lead to complete system compromise.

💻 Affected Systems

Products:
  • Apache Submarine
Versions: 0.7.0 through versions before 0.8.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected versions are vulnerable. The vulnerability exists in the login functionality.

📦 What is this software?

Submarine by Apache

View all CVEs affecting Submarine →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system takeover via authentication bypass leading to unauthorized access to sensitive data, privilege escalation, and potential lateral movement within the environment.

🟠

Likely Case

Unauthorized login and access to the Submarine workbench, potentially exposing sensitive data and allowing further exploitation of the system.

🟢

If Mitigated

No impact if proper input validation and parameterized queries are implemented, or if the system is patched to version 0.8.0+.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities typically have low exploitation complexity. The vulnerability allows unauthenticated attackers to bypass login.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.8.0

Vendor Advisory: https://lists.apache.org/thread/g99h773vd49n1wyghdq1llv2f83w1b3r

Restart Required: Yes

Instructions:

1. Upgrade Apache Submarine to version 0.8.0 or later. 2. Restart the submarine-server service. 3. Verify the fix by testing login functionality.

🔧 Temporary Workarounds

Manual patch via cherry-pick

all

Apply the security fixes from GitHub pull requests without full upgrade

git cherry-pick <commit-hash> from PR #1037 and #1054
Rebuild submarine-server image

🧯 If You Can't Patch

  • Implement network segmentation to isolate Apache Submarine instances
  • Deploy a web application firewall (WAF) with SQL injection protection rules

🔍 How to Verify

Check if Vulnerable:

Check Apache Submarine version: if version is 0.7.0 or between 0.7.0 and 0.8.0, the system is vulnerable.

Check Version:

Check submarine-server version in application logs or via API endpoint if available

Verify Fix Applied:

Verify version is 0.8.0 or later and test login functionality with SQL injection attempts.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Failed login attempts with SQL syntax
  • Successful logins from unexpected IP addresses

Network Indicators:

  • SQL injection patterns in HTTP POST requests to login endpoints
  • Unusual authentication traffic patterns

SIEM Query:

source="apache_submarine" AND (http_method="POST" AND uri="/login" AND (content LIKE "%' OR '%" OR content LIKE "%'--%" OR content LIKE "%'/*%"))

📊 Metadata

CVE ID: CVE-2023-37924
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-89
Published: November 22, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-37924, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)