CVE-2024-6968 – This critical SQL injection vulnerability in So... (How to Fix)

Q: What is the severity of CVE-2024-6968?

CVE-2024-6968 has a CVSS score of 6.3 (MEDIUM). This critical SQL injection vulnerability in SourceCodester Clinics Patient Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the 'from' and 'to' parameters in the /print_patients_visits.php file. This could lead to data theft, manipulation, or complete system compromise. All users running the vulnerable version are affected.

📋 TL;DR

This critical SQL injection vulnerability in SourceCodester Clinics Patient Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the 'from' and 'to' parameters in the /print_patients_visits.php file. This could lead to data theft, manipulation, or complete system compromise. All users running the vulnerable version are affected.

💻 Affected Systems

Products:

SourceCodester Clinics Patient Management System

Versions: 1.0

Operating Systems: Any OS running PHP

Default Config Vulnerable: ⚠️ Yes

Notes: The vulnerability exists in the default installation. Any system with the vulnerable file accessible is at risk.

📦 What is this software?

Clinic\'s Patient Management System by Oretnom23

View all CVEs affecting Clinic\'s Patient Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including patient records, administrative credentials, and potential server takeover via SQL injection leading to remote code execution.

🟠

Likely Case

Unauthorized access to sensitive patient data, modification of medical records, and potential data exfiltration.

🟢

If Mitigated

Limited impact with proper input validation and database permissions, potentially only allowing data viewing without modification.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and public exploits exist.

🏢 Internal Only: HIGH - Even internal systems are vulnerable to authenticated or unauthenticated attacks depending on configuration.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public exploit code is available on GitHub, making exploitation trivial for attackers with basic SQL injection knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Consider implementing input validation and parameterized queries in the vulnerable file, or replace the entire system with a secure alternative.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Add proper input validation and parameterized queries to the /print_patients_visits.php file

Modify PHP code to use prepared statements: $stmt = $conn->prepare('SELECT * FROM visits WHERE date BETWEEN ? AND ?'); $stmt->bind_param('ss', $from, $to);

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection protection rules

Configure WAF to block SQL injection patterns in URL parameters

🧯 If You Can't Patch

Block external access to the vulnerable system using network segmentation
Implement strict database permissions and use read-only database accounts where possible

🔍 How to Verify

Check if Vulnerable:

Test the /print_patients_visits.php endpoint with SQL injection payloads in 'from' and 'to' parameters

Check Version:

Check the system version in admin panel or review source code for version markers

Verify Fix Applied:

Attempt SQL injection after implementing fixes and verify no database errors or unexpected results

📡 Detection & Monitoring

Log Indicators:

SQL syntax errors in web server logs
Unusual database queries from web application
Multiple failed parameter manipulation attempts

Network Indicators:

HTTP requests to /print_patients_visits.php with SQL keywords in parameters
Unusual database connection patterns

SIEM Query:

source="web_logs" AND (url="*print_patients_visits.php*" AND (param="*UNION*" OR param="*SELECT*" OR param="*INSERT*" OR param="*DELETE*"))

📊 Metadata

CVE ID: CVE-2024-6968

CVSS v3 Score: 6.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-89

Published: July 22, 2024

Last Updated: November 21, 2024

🔗 References

https://github.com/Xu-Mingming/cve/blob/main/sql3.md Exploit
https://vuldb.com/?ctiid.272122 Permissions Required
https://vuldb.com/?id.272122 Permissions Required,Third Party Advisory
https://vuldb.com/?submit.378107 Third Party Advisory
https://github.com/Xu-Mingming/cve/blob/main/sql3.md Exploit
https://vuldb.com/?ctiid.272122 Permissions Required
https://vuldb.com/?id.272122 Permissions Required,Third Party Advisory
https://vuldb.com/?submit.378107 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-6968, you might also want to check these: