CVE-2024-57643

7.5 HIGH

📋 TL;DR

OpenLink Virtuoso Open Source v7.2.11 contains a flaw in the box_deserialize_string component (the server's internal box deserialization routine) that is reachable through a crafted SQL statement and crashes the server, causing denial of service. The CVE classes it as SQL injection, but the trigger is a statement submitted by a caller who can already execute SQL against the server; the impact established by the advisory is loss of database availability, which in turn takes down every application that depends on the instance.

💻 Affected Systems

Products:
  • OpenLink Virtuoso Open Source
Versions: v7.2.11 (the reported version); earlier releases have not been confirmed unaffected, so treat them as vulnerable until the fixed release is identified
Operating Systems: All platforms running Virtuoso
Default Config Vulnerable: ⚠️ Yes
Notes: Any instance that accepts SQL from callers you do not fully trust is exposed: the ISQL/ODBC/JDBC listener (port 1111 by default) and any application that forwards caller-controlled SQL to it. The flaw is in core server code, not in an optional module, so it cannot be disabled by configuration; the realistic attacker is a database account holder or an application-level SQL injection that reaches Virtuoso.

📦 What is this software?

OpenLink Virtuoso is a multi-model database server: a relational SQL engine that also stores RDF data and answers SPARQL queries over HTTP. It exposes an ODBC/JDBC-style SQL listener (port 1111 by default) and an HTTP server (port 8890 by default), and it is often deployed as a public SPARQL endpoint (DBpedia runs on it), which is why many instances are Internet-facing.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Crash of the Virtuoso server process, repeatable at will by any principal who can submit SQL, leading to extended downtime and repeated roll-forward recovery from the transaction log on each restart. Data corruption or unauthorized data access is not established by the advisory; plan for availability loss as the confirmed impact and treat anything beyond it as unconfirmed.

🟠

Likely Case

Denial of service: the server process terminates, every open connection drops, and dependent applications fail until the service is restarted; if the caller keeps access, the next crafted statement brings it down again.

🟢

If Mitigated

Limited impact: if only trusted applications can reach the SQL listener and those applications use parameterized queries, the crafted statement has no path to the server. The residual risk is a compromised application account or an insider with direct SQL access.

🌐 Internet-Facing: HIGH - Instances whose SQL listener (port 1111 by default) or SQL-forwarding applications are reachable from the Internet can be crashed by anyone holding valid credentials or an application-level injection point.
🏢 Internal Only: MEDIUM - Internal instances remain exposed to insiders and to compromised internal accounts or applications that can submit SQL.

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No
Complexity: MEDIUM

Requires the ability to execute SQL statements against the server: a database account on the ISQL/ODBC/JDBC listener, or an application-level SQL injection that forwards attacker-controlled statements to Virtuoso.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check the GitHub issue for the release that carries the fix; the advisory does not name one

Vendor Advisory: https://github.com/openlink/virtuoso-opensource/issues/1181

Restart Required: Yes (the fix is in the server binary, so virtuoso-t must be restarted after the upgrade)

Instructions:

1. Monitor the GitHub issue for the patch release.
2. Update to the patched version once it is available.
3. Test in a non-production environment first.
4. Apply to production during a maintenance window; the upgrade requires a server restart.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

Platform: all

Implement strict input validation in every application that builds SQL for Virtuoso.

Use prepared statements with parameter binding instead of string concatenation, so caller-controlled input can never become part of the statement text that reaches the server.

Network Access Restrictions

Platform: all

Restrict database access to trusted applications and networks only.

Bind the SQL listener to loopback or an internal interface and configure firewall rules so only those hosts can reach the port.
Use a VPN or SSH tunnel for remote database connections.
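One way to apply the network restriction in Virtuoso's own configuration, as an added example (not from the advisory or the project's documentation): bind the SQL and HTTP listeners to loopback so only local processes, or clients arriving over an SSH tunnel or VPN, can open a session. The host:port form of ServerPort is assumed to be supported by your build; the hardened line replaces the commented weak one.

```ini
; virtuoso.ini fragment (added example, not shipped project configuration)

[Parameters]
; Weak: listens on every interface, so any host that can reach TCP/1111
; may open an ISQL/ODBC session and submit SQL.
; ServerPort = 1111
; Hardened: bind the SQL listener to loopback (host:port form assumed).
ServerPort = 127.0.0.1:1111

[HTTPServer]
; Apply the same restriction to the HTTP listener unless the SPARQL
; endpoint must be public; if it must, front it with a reverse proxy.
ServerPort = 127.0.0.1:8890
```

After changing the bindings, restart virtuoso-t and confirm with a connection attempt from a remote host that the port is no longer reachable.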

🧯 If You Can't Patch

  • Implement a web application firewall (WAF) with SQL injection rules in front of applications that forward SQL to Virtuoso (this covers the injection path only, not direct database sessions)
  • Run applications under database accounts with the minimum SQL rights required, so a compromised application account cannot submit arbitrary statements
  • Enable database auditing and monitor for unusual SQL patterns and for crash/restart cycles

🔍 How to Verify

Check if Vulnerable:

Check the Virtuoso version from an SQL session (for example with isql): SELECT sys_stat('st_dbms_ver'); If the build corresponds to v7.2.11 or earlier, assume vulnerable. Note that sys_stat returns the build string in the form 07.20.xxxx, not the GitHub release tag; match it against the build number listed in the release notes for v7.2.11 and for the fixed release.

Check Version:

SELECT sys_stat('st_dbms_ver');

Verify Fix Applied:

After patching, confirm the reported build is the fixed release, then, on a non-production instance, replay the triggering statement (if the GitHub issue publishes one) and confirm the server returns an error and stays online rather than terminating.

📡 Detection & Monitoring

Log Indicators:

  • virtuoso.log entries containing 'GPF' (the server's internal fatal-check marker) or 'box_deserialize_string'
  • Unexpected 'Server online at' start-up entries, which mark a restart, shortly after such an entry
  • Unusual SQL statement patterns in audit or trace output

Network Indicators:

  • SQL sessions on port 1111 from hosts that do not normally connect
  • Repeated short-lived sessions from one source immediately preceding a service outage

SIEM Query:

source="virtuoso.log" AND ("GPF" OR "box_deserialize_string" OR "Server online at")

🔗 References

  • https://github.com/openlink/virtuoso-opensource/issues/1181
  • https://nvd.nist.gov/vuln/detail/CVE-2024-57643