CVE-2021-43609

Name of the Vulnerable Software and Affected Versions Spiceworks Help Desk Server versions prior to 1.3.3

Description A Blind Boolean SQL injection issue exists within the order by for ticket function in app/models/reporting/database query.rb, allowing an authenticated attacker to execute arbitrary SQL commands via the sort parameter. This can lead to leaking local files from the host system and potentially result in remote code execution (RCE) through deserialization of malicious data.

Recommendations For versions prior to 1.3.3, update to version 1.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the order by for ticket function in app/models/reporting/database query.rb to minimize the risk of exploitation. Avoid using the sort parameter in the affected API endpoint until the issue is resolved.