CVE-2024-57648

7.5 HIGH

📋 TL;DR

A SQL injection vulnerability in the itc_set_param_row component of OpenLink Virtuoso OpenSource allows attackers to execute crafted SQL statements, leading to Denial of Service. This affects systems running vulnerable versions of the database software. Database administrators and applications using Virtuoso are at risk.

💻 Affected Systems

Products:
  • OpenLink Virtuoso OpenSource
Versions: v7.2.11 and potentially earlier versions
Operating Systems: All platforms running Virtuoso
Default Config Vulnerable: ⚠️ Yes
Notes: Any system with the vulnerable component enabled and accessible via SQL queries is affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database unavailability through resource exhaustion or crash, potentially disrupting all dependent applications and services.

🟠 Likely Case

Partial or intermittent service disruption affecting database performance and availability for connected applications.

🟢 If Mitigated

Minimal impact with proper input validation and query sanitization in place, though the underlying vulnerability remains.

🌐 Internet-Facing: HIGH if database is directly exposed to the internet, as attackers can directly target the vulnerable component.
🏢 Internal Only: MEDIUM if only accessible internally, but still vulnerable to insider threats or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to execute SQL statements against the vulnerable component, typically through application or direct database access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check GitHub issue for specific fixed version

Vendor Advisory: https://github.com/openlink/virtuoso-opensource/issues/1195

Restart Required: No

Instructions:

1. Monitor the GitHub issue for patch release.
2. Upgrade to the patched version when available.
3. Test in a non-production environment first.
4. Apply to production systems during a maintenance window.

🔧 Temporary Workarounds

Input Validation and Sanitization


Implement strict input validation and parameterized queries in all applications that interact with Virtuoso.

Network Access Restrictions


Restrict database access to only trusted application servers and administrative systems.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block suspicious SQL patterns
  • Monitor database performance metrics for unusual resource consumption patterns

🔍 How to Verify

Check if Vulnerable:

Check if running Virtuoso version 7.2.11 or earlier and if the itc_set_param_row component is accessible.

Check Version:

SELECT sys_stat('st_dbms_version');

Verify Fix Applied:

After patching, verify the version is updated and test with safe SQL queries to ensure functionality.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL query patterns
  • Database error logs showing malformed queries
  • Performance degradation logs

Network Indicators:

  • Unusual database connection patterns
  • High volume of SQL requests to vulnerable endpoint

SIEM Query:

source="virtuoso.log" AND ("error" OR "malformed" OR "unexpected") AND "sql"
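An added example (not part of this advisory) that applies the two checks above offline: a version comparison against the stated last affected release, v7.2.11, and the SIEM rule's keyword logic run over constructed Virtuoso log lines. It assumes the version string contains a dotted number; the exact text returned by sys_stat('st_dbms_version') may carry extra characters.

```python
import re
from typing import Iterable, List, Tuple

# Last affected version stated by the advisory ("v7.2.11 and potentially earlier").
LAST_AFFECTED = (7, 2, 11)

# Keyword logic copied from the advisory's SIEM query:
# ("error" OR "malformed" OR "unexpected") AND "sql"
ANY_OF = ("error", "malformed", "unexpected")
REQUIRED = "sql"


def parse_version(text: str) -> Tuple[int, ...]:
    """Pull the first dotted numeric version (e.g. '7.2.11') out of a string.
    Assumption: sys_stat('st_dbms_version') output contains such a number."""
    m = re.search(r"(\d+(?:\.\d+)+)", text)
    if not m:
        raise ValueError(f"no dotted version found in {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def version_is_affected(text: str) -> bool:
    """True when the reported version is 7.2.11 or earlier (tuple comparison)."""
    return parse_version(text) <= LAST_AFFECTED


def matches_siem_rule(line: str) -> bool:
    """Case-insensitive substring match equivalent to the SIEM query's boolean logic."""
    low = line.lower()
    return REQUIRED in low and any(word in low for word in ANY_OF)


def scan_log(lines: Iterable[str]) -> List[str]:
    """Return only the log lines the SIEM rule would flag."""
    return [line for line in lines if matches_siem_rule(line)]


# Constructed sample log lines, not real Virtuoso output.
SAMPLE_LOG = [
    "10:01:02 INFO Checkpoint started",
    "10:01:05 ERROR SQL parse: unexpected token in statement",
    "10:01:07 WARN Malformed SQL statement rejected from 10.0.0.5",
    "10:01:09 INFO SQL query completed in 12 ms",
    "10:01:11 ERROR Disk quota exceeded",
]

if __name__ == "__main__":
    print("affected:", version_is_affected("7.2.11"))  # True
    for hit in scan_log(SAMPLE_LOG):
        print("flagged:", hit)  # two of the five lines match
```

The keyword rule is deliberately broad and will also flag benign SQL errors, so treat hits as a trigger for review alongside the performance indicators listed above rather than as confirmation of exploitation.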

🔗 References
