Platform
other
Component
cigesv2
Fixed in
2.0.1
A critical SQL injection vulnerability (CVE-2024-2722) has been identified in CIGESv2. This flaw allows a remote attacker to potentially extract sensitive data directly from the database. The vulnerability affects versions of CIGESv2 up to and including the version prior to 2.0.1. A patch is available in version 2.0.1.
The SQL injection vulnerability resides within the /ajaxConfigTotem.php file of CIGESv2, specifically within the 'id' parameter. Successful exploitation allows an attacker to craft malicious SQL queries that bypass security measures and directly access the underlying database. This could lead to the complete exfiltration of all data stored within the database, including user credentials, configuration information, and potentially other sensitive business data. The impact is severe, as a successful attack could compromise the confidentiality and integrity of the entire system. There is no immediate precedent for similar exploitation patterns in publicly disclosed incidents, but the potential for widespread data compromise is significant.
CVE-2024-2722 was publicly disclosed on March 22, 2024. The vulnerability is not currently listed on the CISA KEV catalog, and its EPSS score is pending evaluation. There are currently no publicly available proof-of-concept exploits, but the ease of exploitation inherent in SQL injection vulnerabilities suggests that it is likely to become a target for automated scanning and exploitation tools. Monitor security advisories and threat intelligence feeds for updates.
Exploit Status
EPSS
0.13% (32% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-2722 is to immediately upgrade CIGESv2 to version 2.0.1 or later. If an immediate upgrade is not feasible due to compatibility issues or system downtime constraints, consider implementing temporary workarounds. While not a complete solution, input validation and sanitization on the 'id' parameter within /ajaxConfigTotem.php can help reduce the attack surface. Web application firewalls (WAFs) configured to detect and block SQL injection attempts targeting this specific endpoint can also provide an additional layer of protection. Monitor database logs for suspicious SQL queries that might indicate an ongoing attack. After upgrade, confirm by attempting a query through /ajaxConfigTotem.php and verifying that it does not result in a database error or data leakage.
Update to a patched version of CIGESv2 that resolves the SQL Injection (SQL Injection) vulnerability. If a patched version is not available, contact the vendor for a solution or consider disabling the affected functionality (/ajaxConfigTotem.php) until a solution can be applied.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-2722 is a critical SQL injection vulnerability in CIGESv2 that allows attackers to potentially extract all database data via the /ajaxConfigTotem.php endpoint.
You are affected if you are using CIGESv2 versions less than or equal to the version prior to 2.0.1.
Upgrade CIGESv2 to version 2.0.1 or later. Implement temporary workarounds like input validation if immediate upgrade is not possible.
While no public exploits are currently available, the vulnerability's nature makes it a likely target for exploitation. Continuous monitoring is recommended.
Refer to the CIGESv2 official website or security advisory channels for the latest information and updates regarding CVE-2024-2722.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.