CVE-2023-48947
📋 TL;DR
A vulnerability in the cha_cmp function of OpenLink Virtuoso Open-Source Edition allows attackers to cause Denial of Service (DoS) by executing a specific SELECT statement. This affects systems running vulnerable versions of the database software, potentially disrupting database availability and dependent applications.
💻 Affected Systems
- OpenLink Virtuoso Open-Source Edition
📦 What is this software?
Virtuoso by Openlinksw
⚠️ Risk & Real-World Impact
Worst Case
Complete database unavailability leading to application downtime, data inaccessibility, and potential cascading failures in dependent systems.
Likely Case
Database service crashes requiring restart, causing temporary service disruption and potential data loss for in-flight transactions.
If Mitigated
Minimal impact with proper monitoring and automated recovery procedures in place to quickly restart affected services.
🎯 Exploit Status
The vulnerability requires only a SELECT statement execution, making exploitation straightforward for users with database access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check GitHub issue #1179 for latest patched version
Vendor Advisory: https://github.com/openlink/virtuoso-opensource/issues/1179
Restart Required: Yes
Instructions:
1. Check the GitHub issue for patched version.
2. Upgrade to the latest patched version.
3. Restart Virtuoso services.
4. Verify the fix is applied.
🔧 Temporary Workarounds
Restrict Database Access
Limit database connections to trusted sources only and implement strict access controls.
Configure firewall rules to restrict database port access
Implement database user access controls
Query Monitoring and Filtering
Monitor and potentially block suspicious SELECT statements that could trigger the vulnerability.
Implement database query logging
Configure WAF or database firewall rules
🧯 If You Can't Patch
- Implement network segmentation to isolate database servers from untrusted networks
- Deploy database activity monitoring to detect and alert on exploitation attempts
🔍 How to Verify
Check if Vulnerable:
Check the Virtuoso version using 'isql -v' or examine the installed version. If the version is v7.2.11, the system is vulnerable.
Check Version:
isql -v
Verify Fix Applied:
After patching, verify version is updated and test with safe SELECT statements to ensure stability.
📡 Detection & Monitoring
Log Indicators:
- Database crash logs
- Abnormal termination of Virtuoso processes
- Failed connection attempts after crash
Network Indicators:
- Sudden drop in database connections
- Increased failed query attempts
SIEM Query:
source="virtuoso.log" AND ("crash" OR "segmentation fault" OR "abnormal termination")
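Where no SIEM is available, the same three indicators can be checked directly against a log file. The script below is an added example, not part of the original advisory or the Virtuoso project: it matches the SIEM query's terms and additionally flags several crash indicators close together, which after an automated restart suggests the triggering statement is being re-sent. The timestamp prefix, the sample lines, the 10-minute window and the function names are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Terms from the page's SIEM query, matched case-insensitively.
INDICATORS = ("crash", "segmentation fault", "abnormal termination")
# Assumption: every line starts with "YYYY-MM-DD HH:MM:SS "; adapt to your log.
LINE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (.*)$")

# Constructed sample lines, not real Virtuoso log output.
SAMPLE_LOG = """\
2024-01-10 09:00:01 Server online
2024-01-10 09:14:22 Segmentation fault while executing query
2024-01-10 09:14:30 Server online
2024-01-10 09:16:05 Abnormal termination of server process
2024-01-10 09:16:12 Server online
2024-01-10 15:40:00 Checkpoint finished
2024-01-11 03:02:47 Server crash reported by watchdog
"""

def find_crash_events(lines):
    """Return (timestamp, matched_term, message) for each line hitting an indicator."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.rstrip("\n"))
        if not m:
            continue  # skip lines without the assumed timestamp prefix
        lowered = m.group(2).lower()
        term = next((t for t in INDICATORS if t in lowered), None)
        if term:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            events.append((ts, term, m.group(2)))
    return events

def crash_bursts(events, window=timedelta(minutes=10), threshold=2):
    """Group events whose gaps are <= window; keep groups with >= threshold events."""
    bursts, current = [], []
    for ev in sorted(events, key=lambda e: e[0]):
        if current and ev[0] - current[-1][0] > window:
            if len(current) >= threshold:
                bursts.append(current)
            current = []
        current.append(ev)
    if len(current) >= threshold:
        bursts.append(current)
    return bursts

if __name__ == "__main__":
    for burst in crash_bursts(find_crash_events(SAMPLE_LOG.splitlines())):
        print(f"{len(burst)} crash indicators between {burst[0][0]} and {burst[-1][0]}")
```

A single isolated hit is still worth an alert; the burst grouping only helps separate a one-off fault from repeated triggering.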