CVE-2026-50644
SOPlanning · SOPlanning
SOPlanning contains a SQL injection vulnerability in the audit retention configuration, allowing an authenticated high-privileged user to execute arbitrary SQL commands.
Executive summary
A critical SQL injection vulnerability in the SOPlanning audit retention module allows an authenticated administrator to gain unauthorized control over the database.
Vulnerability
The application fails to properly sanitize input within the audit retention configuration interface. An authenticated user with high privileges can inject malicious SQL queries, leading to unauthorized data access or modification within the backend database.
Business impact
With a CVSS score of 8.6, this vulnerability represents a severe threat to data integrity and confidentiality. Unauthorized modification or extraction of data from the database could lead to significant operational disruption and a breach of sensitive organizational records.
Remediation
Immediate Action: Update the SOPlanning installation to version 1.56.01 or higher to patch the SQL injection vulnerability.
Proactive Monitoring: Enable database query logging and monitor for unusual or high-frequency SQL commands originating from the web application service account.
Compensating Controls: Enforce strict database access controls and utilize parameterized queries or a WAF to inspect and block suspicious input strings containing SQL syntax.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability enables direct database manipulation, which is a high-risk scenario. Organizations must prioritize applying the update to 1.56.01 to prevent potential data loss or unauthorized access resulting from SQL injection.