DIRAC FileCatalog RCE via SQL Injection + Unsafe eval() in DatasetManager
Authenticated SQL injection in DIRAC's FileCatalog DatasetManager allows attackers to inject malicious Python code that executes via eval(), resulting in remote code execution with service privileges. This disclosure is significant for defenders because it demonstrates a two-stage attack chain (injection → unsafe deserialization) that may exist in other components.
CVE References
Affected
Vulnerability Description
The vulnerability exists in DIRAC's FileCatalog DatasetManager component, specifically in the __checkDataset() function. The root cause is the use of unparameterized f-string SQL query construction combined with unsafe eval() on database results. An authenticated user can inject SQL syntax into the datasets parameter, causing the database to return attacker-controlled data. This data is then passed directly to Python's eval() function without sanitization, allowing arbitrary code execution within the service's security context.
Proof-of-Concept Significance
This PoC demonstrates a realistic exploitation chain requiring only authentication (not unauthenticated access). The advisory indicates multiple similar vulnerable patterns exist in the same file, suggesting this may be symptomatic of broader architectural issues in the codebase. The significance for defenders is that this vulnerability is highly reliable and reproducible once an attacker has valid credentials, and the attack surface is large given the presence of similar anti-patterns elsewhere.
Detection Guidance
Defenders should monitor for: (1) SQL queries in DIRAC logs containing unusual dataset parameter patterns (particularly quotes, semicolons, or SQL keywords); (2) Python stack traces mentioning eval() or DatasetManager in FileCatalog service logs; (3) Unexpected process spawning or network connections originating from DIRAC service processes; (4) Authentication logs showing authenticated users accessing FileCatalog API followed by unusual error conditions or exceptions; (5) Database query logs showing malformed or multi-statement queries against the FileCatalog schema.
Mitigation Steps
Immediate actions: (1) Patch immediately to a version containing the fix (use parameterized queries instead of f-strings); (2) Restrict FileCatalog API access to trusted internal networks only; (3) Implement least-privilege database accounts for DIRAC services; (4) Remove or replace eval() with safe alternatives like ast.literal_eval() or JSON deserialization; (5) Code review all similar patterns in DatasetManager and related components; (6) Temporary workaround: disable or isolate the FileCatalog DatasetManager service if patching cannot be deployed immediately.
Risk Assessment
This vulnerability poses critical risk in production DIRAC deployments because: (1) Grid computing environments typically have multiple authenticated users with legitimate API access; (2) Compromise of a DIRAC service node can pivot to compromise data-handling infrastructure across the grid; (3) The fix requires code changes and service restart, creating operational friction; (4) Threat actors with knowledge of grid computing infrastructure would find this highly valuable for persistent access. Likelihood of exploitation in the wild is high given the authenticated-only requirement and the visibility of DIRAC in scientific computing communities.
Sources