PatchSiren

PatchSiren cyber security CVE debrief

CVE-2023-35072 Coyavtravel CVE debrief

CVE-2023-35072 is a critical SQL injection vulnerability in Coyavtravel Proagent affecting versions before 20230904. The NVD record rates it 9.8/CRITICAL and shows a network-reachable attack path with no privileges or user interaction required. Because the CVSS impacts are high for confidentiality, integrity, and availability, exposed deployments should be treated as urgent remediation candidates.

Vendor: Coyavtravel
Product: Proagent
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2023-09-05
Original CVE updated: 2024-11-21
Advisory published: 2023-09-05
Advisory updated: 2024-11-21

Who should care

Security teams, application owners, and administrators running Coyavtravel Proagent are the primary audience. This matters most for internet-facing deployments or systems that process sensitive data, because the NVD vector indicates remote, unauthenticated exploitation potential and high impact.

Technical summary

The vulnerability is described as improper neutralization of special elements used in an SQL command (CWE-89). NVD lists the affected CPE as cpe:2.3:a:coyavtravel:proagent:*:*:*:*:*:*:*:* with the affected range ending before version 20230904 (versionEndExcluding). The CVSS vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H indicates a remotely exploitable flaw with low attack complexity, no privileges required, no user interaction required, and high potential impact across confidentiality, integrity, and availability.

Defensive priority

Urgent. Prioritize immediate patching or version replacement for any Proagent installation exposed to untrusted networks or connected to sensitive databases. Even non-internet-facing instances should be remediated quickly because the CVSS profile indicates easy remote abuse and severe impact if the application is reachable by an attacker.

Recommended defensive actions

  • Upgrade Coyavtravel Proagent to version 20230904 or later, since the vulnerable range is listed as before 20230904.
  • Inventory all systems running Proagent and confirm the exact installed version.
  • Restrict network access to Proagent as a short-term containment step if immediate upgrading is not possible.
  • Review application and database logs for unexpected SQL activity or anomalous access patterns.
  • If suspicious activity is found, follow incident response procedures and assess database integrity and data exposure.
  • Use the USOM advisory and official NVD/CVE records to validate remediation status and affected versions.

Evidence notes

The supplied NVD metadata identifies the vulnerability as SQL injection and maps it to CWE-89. The affected CPE range ends with versionEndExcluding 20230904. The NVD CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, supporting the critical severity rating. NVD references the USOM advisory at https://www.usom.gov.tr/bildirim/tr-23-0492 as a third-party advisory. The CVE was published on 2023-09-05 and last modified on 2024-11-21; those dates are used only as record timing context, not as the exploit or fix date.

Official resources

The CVE record was published by CVE/NVD on 2023-09-05 and last modified on 2024-11-21. The supplied corpus does not indicate KEV listing or ransomware association.