Cyber Resilience

CVE-2022-29155

Critical · Public PoC

Published: 04 May 2022
Modified: 21 November 2024
KEV Added:
Patch:
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.1361 (94.4th percentile)
Risk Priority: 28 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-29155 is a critical-severity SQL Injection (CWE-89) vulnerability in OpenLDAP, with Debian Linux and NetApp firmware among the listed affected products. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 5.6% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

CVE-2022-29155 is a SQL injection vulnerability in the experimental back-sql backend of OpenLDAP slapd, affecting versions 2.x prior to 2.5.12 and 2.6.x prior to 2.6.2. The flaw arises from insufficient escaping of LDAP search filters, allowing a SQL statement to be injected during query processing and executed against the backend database.

An unauthenticated remote attacker can exploit the issue over the network by submitting a crafted LDAP search operation. Successful exploitation can result in full compromise of the confidentiality, integrity, and availability of the underlying data, consistent with the CVSS 9.8 rating and CWE-89 classification.

Advisories from Debian, NetApp, and OpenLDAP project references indicate that the issue is resolved by upgrading to the fixed releases 2.5.12 or 2.6.2, with corresponding package updates distributed through operating-system security channels.
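A triage check for the version ranges and backend named above, as an added example (not code from this page or from the OpenLDAP project). The function names and the configuration patterns used to spot back-sql are assumptions of the example, and the sample configuration is constructed.

```python
import re

FIXED_25 = (2, 5, 12)  # fixed releases named on this page
FIXED_26 = (2, 6, 2)

def parse_version(text):
    """Extract (major, minor, patch) from text such as 'slapd 2.4.57'."""
    m = re.search(r"\b(\d+)\.(\d+)\.(\d+)\b", text)
    if not m:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(p) for p in m.groups())

def version_in_range(version):
    """True for 2.x before 2.5.12 and for 2.6.x before 2.6.2."""
    if version[0] != 2:
        return False
    fixed = FIXED_26 if version[:2] == (2, 6) else FIXED_25
    return version < fixed

# Assumed indicators that back-sql is loaded or configured: slapd.conf
# 'database sql' / 'moduleload back_sql', and the cn=config forms
# 'olcDatabase: {N}sql' / 'olcModuleLoad: {N}back_sql'.
BACK_SQL = re.compile(
    r"^\s*(database\s+sql\b|moduleload\s+\S*back_sql"
    r"|olcDatabase:\s*(\{-?\d+\})?sql\b"
    r"|olcModuleLoad:\s*(\{\d+\})?\S*back_sql)",
    re.IGNORECASE,
)

def back_sql_lines(config_text):
    """Return (line_number, line) pairs that reference back-sql."""
    return [
        (n, line.strip())
        for n, line in enumerate(config_text.splitlines(), 1)
        if not line.lstrip().startswith("#") and BACK_SQL.match(line)
    ]

def triage(version_text, config_text):
    """Return 'not-affected', 'exposed' or 'update-advised'."""
    if not version_in_range(parse_version(version_text)):
        return "not-affected"
    return "exposed" if back_sql_lines(config_text) else "update-advised"

# Constructed sample configuration, not taken from a real host.
SAMPLE_CONF = """\
# database sql
moduleload back_sql.la
database sql
suffix "dc=example,dc=com"
"""
```

The range check compares upstream version numbers only. Distribution packages can carry the fix under an older upstream version string, so confirm a package's status against the vendor advisory before relying on the result.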

The EPSS score rose from a low baseline to a peak of 0.2341, indicating that exploitation interest emerged after public disclosure and that the vulnerability warrants renewed attention.

Vulnerability details

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor     Product          Versions
openldap   openldap         2.0 — 2.5.12 · 2.6.0 — 2.6.2
debian     debian linux     10.0, 11.0, 9.0
netapp     h300s firmware   all versions
netapp     h500s firmware   all versions
netapp     h700s firmware   all versions
netapp     h700e firmware   all versions
netapp     h410s firmware   all versions
netapp     h410c firmware   all versions

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-89

Penetration testing uses SQL injection payloads against database interfaces, identifying and supporting fixes for SQL injection weaknesses.

addresses: CWE-89

Validates query inputs to prevent SQL syntax or command manipulation.
