Rapid7 has released a fix for a critical SQL injection vulnerability in Nexpose, its widely used on-premises vulnerability management software. The flaw is tracked as CVE-2022-0757 and carries a score of 9.8 out of 10 under the Common Vulnerability Scoring System (CVSS).
An attacker can inject SQL by manipulating the ‘ALL’ or ‘ANY’ filter query operators in the Search Criteria.
The issue affects all versions of Nexpose (also known as the Security Console) up to and including 6.6.128. The patched release also adds support for TLS 1.3 services, new vulnerability checks for Log4j, and additional Metasploit-based vulnerability coverage.
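To make the risk class concrete, the following is an added illustration (not Nexpose code, and not Rapid7's fix) of the pattern behind an injectable filter operator and its hardened counterpart. It assumes a hypothetical asset table with constructed sample rows and a search API that takes an operator name (ALL or ANY) plus a list of column/value filters; the column and table names are invented for the example.

```python
import sqlite3

# Constructed sample inventory standing in for a scanner's asset table.
SAMPLE_ASSETS = [
    ("web-01", "Linux", "HQ"),
    ("db-01", "Linux", "DC2"),
    ("win-01", "Windows", "HQ"),
]

# Search-criteria operators the UI offers, mapped to the SQL they should produce.
ALLOWED_OPERATORS = {"ALL": "AND", "ANY": "OR"}
# Columns a filter may reference; anything else is rejected.
ALLOWED_COLUMNS = {"name", "os", "site"}


def build_query_unsafe(operator, filters):
    """Vulnerable pattern: whatever the client sent as the operator (and the
    filter values) is spliced into the SQL text. An operator string that is
    not in the mapping falls through verbatim and becomes part of the query."""
    glue = ALLOWED_OPERATORS.get(operator, operator)
    clauses = [f"{col} = '{val}'" for col, val in filters]
    return ("SELECT name FROM assets WHERE "
            + f" {glue} ".join(clauses)
            + " ORDER BY name")


def build_query_safe(operator, filters):
    """Hardened pattern: the operator is resolved through a fixed allowlist,
    column names are checked against a fixed set, and values are passed as
    bind parameters rather than concatenated into the statement."""
    if operator not in ALLOWED_OPERATORS:
        raise ValueError(f"unsupported filter operator: {operator!r}")
    if not filters:
        raise ValueError("at least one filter is required")
    for col, _ in filters:
        if col not in ALLOWED_COLUMNS:
            raise ValueError(f"unsupported filter column: {col!r}")
    glue = f" {ALLOWED_OPERATORS[operator]} "
    sql = ("SELECT name FROM assets WHERE "
           + glue.join(f"{col} = ?" for col, _ in filters)
           + " ORDER BY name")
    params = tuple(val for _, val in filters)
    return sql, params


def run_search(operator, filters):
    """Execute the hardened query against an in-memory copy of the sample table
    and return the matching asset names."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE assets (name TEXT, os TEXT, site TEXT)")
    conn.executemany("INSERT INTO assets VALUES (?, ?, ?)", SAMPLE_ASSETS)
    sql, params = build_query_safe(operator, filters)
    rows = conn.execute(sql, params).fetchall()
    conn.close()
    return [name for (name,) in rows]


if __name__ == "__main__":
    crit = [("os", "Linux"), ("site", "HQ")]
    print("ALL ->", run_search("ALL", crit))
    print("ANY ->", run_search("ANY", crit))
    # The unsafe builder happily emits an unrecognised operator into the SQL.
    print(build_query_unsafe("NOT-AN-OPERATOR", crit))
```

The defect to look for in a code review is the fallback in `build_query_unsafe`: a client-controlled token that is only expected to be one of two values is treated as trusted SQL. The hardened builder fails closed on any operator or column it does not know and never lets filter values touch the statement text, which is the mitigation class the Nexpose fix falls into.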
The Nexpose vulnerability scanner also contained a medium-severity cross-site scripting (XSS) flaw.
Residing in the shared scan configuration, the reflected XSS bug allows an attacker to “pass literal values as the test credentials, providing the opportunity for a potential XSS attack”, according to the description of CVE-2022-0758.
The bug, rated CVSS 6.1, affects versions 6.6.129 and earlier and was fixed in Security Console version 6.6.130, released on March 9.