Vulnerability Details : CVE-2018-10054
H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."
Vulnerability category: Execute code
Products affected by CVE-2018-10054
- cpe:2.3:a:h2database:h2:1.4.197:*:*:*:*:*:*:*
- cpe:2.3:a:cognitect:datomic:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-10054
21.51%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-10054
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST | |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2018-10054
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-10054
-
https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540@%3Ccommits.nifi.apache.org%3E
svn commit: r1876802 - /nifi/site/trunk/registry-security.html - Pony Mail
-
https://github.com/h2database/h2database/issues/1808#issuecomment-599203115
Sporadic NullPointerException in LobStorageMap in 1.4.199 · Issue #1808 · h2database/h2database · GitHub
-
https://mthbernardes.github.io/rce/2018/03/14/abusing-h2-database-alias.html
Gambler - Hacking and other stuffsThird Party Advisory
-
https://github.com/h2database/h2database/issues/1225
CVE-2018-10054 CVSSv3 8.8! · Issue #1225 · h2database/h2database · GitHub
-
https://forum.datomic.com/t/important-security-update-0-9-5697/379
Important Security Update 0.9.5697 - General / Announcements - Datomic DevelopersVendor Advisory
-
http://blog.datomic.com/2018/03/important-security-update.html
Datomic: Important Security Update For free: and dev: Storage ProtocolsVendor Advisory
-
https://security.netapp.com/advisory/ntap-20240719-0003/
CVE-2018-10054 H2 Database Vulnerability in NetApp Products | NetApp Product Security
-
https://lists.apache.org/thread.html/582d4165de6507b0be82d5a6f9a1ce392ec43a00c9fed32bacf7fe1e%40%3Cuser.ignite.apache.org%3E
Re: H2 version security concern-Apache Mail Archives
-
https://github.com/h2database/h2database/issues/3099
Remote code execution · Issue #3099 · h2database/h2database · GitHub
-
https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540%40%3Ccommits.nifi.apache.org%3E
svn commit: r1876802 - /nifi/site/trunk/registry-security.html-Apache Mail Archives
-
https://www.exploit-db.com/exploits/44422/
H2 Database - 'Alias' Arbitrary Code ExecutionThird Party Advisory;VDB Entry
-
https://lists.apache.org/thread.html/582d4165de6507b0be82d5a6f9a1ce392ec43a00c9fed32bacf7fe1e@%3Cuser.ignite.apache.org%3E
Re: H2 version security concern - Pony Mail
Jump to