GHSA-JFWG-RXF3-P7R9: CQL/N1QL Injection in Authorizer via String Interpolation
Vulnerability ID: GHSA-JFWG-RXF3-P7R9
CVSS Score: 9.8
Published: 2026-04-06
Authorizer versions prior to 2.0.1 contain a critical injection vulnerability in the Cassandra and Couchbase database backends. The software constructs queries using unsafe string interpolation, allowing unauthenticated attackers to execute arbitrary database commands, bypass authentication mechanisms, and access sensitive data.
TL;DR
A critical injection vulnerability (CWE-943) in Authorizer's Cassandra and Couchbase backends allows unauthenticated attackers to bypass authentication and read/modify database contents via crafted payloads targeting unparameterized SQL-like queries.
⚠️ Exploit Status: POC
Technical Details
- Vulnerability Type: CQL/N1QL Injection
- CWE ID: CWE-943
- Attack Vector: Network
- Authentication Required: None
- CVSS Score: 9.8
- Affected Components: Cassandra / Couchbase Storage Adapters
Affected Systems
- Authorizer (Go Application) < 2.0.1
- Cassandra Database Backend Adapter
- Couchbase Database Backend Adapter
- Authorizer: < 2.0.1 (Fixed in: 2.0.1)
Code Analysis
Commit: 73679fa
Fix CQL/N1QL injection by replacing fmt.Sprintf with parameterized queries in Cassandra and Couchbase backends.
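The following Go example is added here to illustrate the pattern the fix commit addresses; it is not Authorizer's own code, and the keyspace, table and function names are placeholders chosen for this example. It contrasts a query built with fmt.Sprintf (the pre-2.0.1 pattern the advisory describes) with one that keeps user input out of the statement text by passing it as a bind argument, and it also handles the case parameterization cannot cover: identifiers such as keyspace or bucket names, which must be validated against an allow-list instead.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// BoundQuery pairs a CQL/N1QL statement with the values to bind to its
// placeholders; the driver receives text and values separately.
type BoundQuery struct {
	Text string
	Args []interface{}
}

// buildUnsafe shows the pre-2.0.1 pattern the advisory describes: the
// user-controlled email is spliced into the statement with fmt.Sprintf.
// (Keyspace and table names are placeholders chosen for this example.)
func buildUnsafe(keyspace, email string) string {
	return fmt.Sprintf("SELECT id, email FROM %s.users WHERE email = '%s'", keyspace, email)
}

// buildParameterized is the hardened form: the value travels as a bind
// argument and the statement text never contains user input. Identifiers
// (keyspace, table) cannot be bound, so they are allow-listed instead.
func buildParameterized(keyspace, email string) (BoundQuery, error) {
	if !isValidIdentifier(keyspace) {
		return BoundQuery{}, errors.New("keyspace is not a valid identifier")
	}
	return BoundQuery{
		Text: fmt.Sprintf("SELECT id, email FROM %s.users WHERE email = ?", keyspace),
		Args: []interface{}{email},
	}, nil
}

// isValidIdentifier accepts only [A-Za-z_][A-Za-z0-9_]* up to 48 characters,
// the character set Cassandra permits for unquoted identifiers.
func isValidIdentifier(s string) bool {
	if s == "" || len(s) > 48 {
		return false
	}
	for i, r := range s {
		switch {
		case r >= 'a' && r <= 'z', r >= 'A' && r <= 'Z', r == '_':
		case r >= '0' && r <= '9' && i > 0:
		default:
			return false
		}
	}
	return true
}

// statementChanged is a cheap structural check: a statement built around one
// string literal should contain exactly two quote characters. More than that
// means the input broke out of the literal.
func statementChanged(stmt string) bool {
	return strings.Count(stmt, "'") != 2
}

func main() {
	// Constructed inputs: a benign address and one carrying a quote plus an
	// OR operator, the indicator pattern the advisory's log-review step names.
	for _, in := range []string{"alice@example.com", "bob' OR 'a'='a"} {
		unsafe := buildUnsafe("authorizer", in)
		fmt.Printf("unsafe: %s\n   structure changed: %v\n", unsafe, statementChanged(unsafe))
		q, err := buildParameterized("authorizer", in)
		fmt.Printf("safe:   %s  args=%q err=%v\n", q.Text, q.Args, err)
	}
}
```

With a real driver the BoundQuery fields map onto the call that takes statement text and variadic values (gocql's Query(stmt, args...) or the Couchbase SDK's positional parameters); the point is that the statement text stays a constant while the input, whatever it contains, is delivered as a value the server never parses as CQL or N1QL.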
Mitigation Strategies
- Upgrade Authorizer to version 2.0.1 or later.
- Deploy WAF rules to detect and block NoSQL/CQL injection patterns.
- Review and rotate stored secrets, session tokens, and recovery codes if exploitation is suspected.
- Audit custom database adapters for manual string interpolation practices.
Remediation Steps:
- Identify the current version of the Authorizer instance.
- If the version is < 2.0.1 and utilizes Cassandra or Couchbase backends, prepare for immediate patching.
- Pull the v2.0.1 release image or recompile from the updated source.
- Deploy the updated binary and verify successful connection to the database backends.
- Analyze database and application logs for single quotes and unexpected OR operators in request parameters.
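As an added example of the last step (not part of the advisory or of Authorizer), the Go program below scans request logs for the two indicators the step names: a single quote or a standalone OR operator inside a request parameter. The log layout (timestamp, method, path with URL-encoded parameters) and the sample lines are constructed for this example; adapt the line parsing to the real access-log format.

```go
package main

import (
	"bufio"
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Finding records a request parameter that matched an injection indicator.
type Finding struct {
	Line  int
	Param string
	Value string
	Why   string
}

// orPattern matches a bare OR operator between word boundaries, case-insensitive,
// so that "Oregon" or "authors" are not flagged.
var orPattern = regexp.MustCompile(`(?i)\bOR\b`)

// inspectParams decodes one URL-encoded query string and reports every value
// that contains a single quote or a standalone OR operator.
func inspectParams(line int, raw string) []Finding {
	var out []Finding
	vals, err := url.ParseQuery(raw)
	if err != nil {
		return out
	}
	for k, vs := range vals {
		for _, v := range vs {
			hasQuote := strings.Contains(v, "'")
			hasOr := orPattern.MatchString(v)
			switch {
			case hasQuote && hasOr:
				out = append(out, Finding{line, k, v, "quote and OR operator"})
			case hasQuote:
				out = append(out, Finding{line, k, v, "single quote"})
			case hasOr:
				out = append(out, Finding{line, k, v, "OR operator"})
			}
		}
	}
	return out
}

// ScanLog reads lines of the constructed form "<timestamp> <method> <path>?<query>"
// and returns all findings, tagged with their 1-based line number.
func ScanLog(logText string) []Finding {
	var all []Finding
	sc := bufio.NewScanner(strings.NewReader(logText))
	for n := 1; sc.Scan(); n++ {
		fields := strings.Fields(sc.Text())
		if len(fields) < 3 {
			continue
		}
		_, query, found := strings.Cut(fields[2], "?")
		if !found {
			continue
		}
		all = append(all, inspectParams(n, query)...)
	}
	return all
}

// sampleLog is constructed for this example: one benign login, one login
// carrying a quote and an OR operator, a legitimate apostrophe in a name,
// and a search term that contains "or" only inside other words.
const sampleLog = `2026-04-06T10:00:00Z POST /login?email=alice%40example.com&password=hunter2
2026-04-06T10:00:05Z POST /login?email=bob%27+OR+%27a%27%3D%27a&password=x
2026-04-06T10:00:09Z GET /profile?name=O%27Brien
2026-04-06T10:00:12Z GET /search?q=Oregon+authors`

func main() {
	for _, f := range ScanLog(sampleLog) {
		fmt.Printf("line %d: param %q = %q (%s)\n", f.Line, f.Param, f.Value, f.Why)
	}
}
```

A single quote on its own is a noisy indicator (the O'Brien line above is a legitimate hit), so triage by the combined "quote and OR operator" finding first, and treat quote-only hits on authentication endpoints as worth a look rather than as confirmed exploitation.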
References
Read the full report for GHSA-JFWG-RXF3-P7R9 on our website for more details including interactive diagrams and full exploit analysis.