9.6
CVE-2026-53474
- EPSS 0.3%
- Published 10.06.2026 13:55:38
- Last modified 16.06.2026 14:37:13
- Source secalert@redhat.com
Migration-planner: second-order SQL injection via RVTools upload
A flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx file. Due to improper input sanitization, malicious SQL embedded within a spreadsheet cell is executed when cluster names are processed. This SQL Injection allows for arbitrary file reading on the system, potentially exposing sensitive information such as Kubernetes service account tokens and other credentials, which could lead to a full compromise of the SaaS environment.
Data provided by the National Vulnerability Database (NVD)
Kubev2v ≫ Migration Assessment, version < 0.13.5
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.212 |
| Source | Base Score | Exploitability Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| secalert@redhat.com | 9.6 | 3.1 | 5.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
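The second-order pattern behind the summary above and CWE-89, as an added illustration that is not migration-planner's own code: a cluster name taken from a constructed spreadsheet is stored with a parameterized INSERT (first use, safe), then interpolated into a later query (second use, where the injection fires), next to the parameterized form that treats the stored name as data. Table names, columns and cell values are assumptions for the demo, and Python's sqlite3 stands in for the real database.

```python
"""Second-order SQL injection demo (constructed; not migration-planner code)."""
import sqlite3

# Constructed stand-in for cluster-name cells read out of an RVTools .xlsx export.
SPREADSHEET_CLUSTER_CELLS = [
    "prod-cluster",
    "lab-cluster' OR '1'='1",  # hostile cell value (constructed)
]


def build_db() -> sqlite3.Connection:
    """Assumed schema: uploaded cluster names plus an inventory of hosts."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE clusters (id INTEGER PRIMARY KEY, name TEXT);"
        "CREATE TABLE hosts (id INTEGER PRIMARY KEY, cluster TEXT, hostname TEXT);"
        "INSERT INTO hosts (cluster, hostname) VALUES"
        " ('prod-cluster', 'esx-01'), ('other-tenant', 'esx-99');"
    )
    return conn


def ingest(conn: sqlite3.Connection, cells: list[str]) -> None:
    """First order: the upload itself is stored safely with placeholders."""
    conn.executemany("INSERT INTO clusters (name) VALUES (?)", [(c,) for c in cells])


def hosts_for_cluster_vulnerable(conn: sqlite3.Connection, cluster_id: int) -> list[str]:
    """Second order: the stored name is trusted and pasted into SQL text."""
    (name,) = conn.execute("SELECT name FROM clusters WHERE id = ?", (cluster_id,)).fetchone()
    rows = conn.execute(f"SELECT hostname FROM hosts WHERE cluster = '{name}'").fetchall()
    return sorted(r[0] for r in rows)


def hosts_for_cluster_fixed(conn: sqlite3.Connection, cluster_id: int) -> list[str]:
    """Hardened form: the stored name is bound as a parameter, never as SQL syntax."""
    (name,) = conn.execute("SELECT name FROM clusters WHERE id = ?", (cluster_id,)).fetchone()
    rows = conn.execute("SELECT hostname FROM hosts WHERE cluster = ?", (name,)).fetchall()
    return sorted(r[0] for r in rows)


def demo() -> tuple[list[str], list[str]]:
    """Run both lookups for the hostile row; returns (vulnerable_result, fixed_result)."""
    conn = build_db()
    ingest(conn, SPREADSHEET_CLUSTER_CELLS)
    hostile_id = 2  # second inserted row holds the crafted cell
    return hosts_for_cluster_vulnerable(conn, hostile_id), hosts_for_cluster_fixed(conn, hostile_id)


if __name__ == "__main__":
    print(demo())  # vulnerable lookup leaks every tenant's hosts; fixed lookup returns []
```

The stored value survives the first, parameterized write untouched, which is exactly why scanning the upload for SQL keywords is no substitute for binding parameters at every later use.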
https://access.redhat.com/security/cve/CVE-2026-53474
https://bugzilla.redhat.com/show_bug.cgi?id=2487231
https://github.com/kubev2v/migration-planner/pull/1231