CVE-2022-39233

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions 12.9.99.228 and above, prior to 14.0.99.24, authorizations are not properly verified when updating the branch prefix used by the GitLab repository integration. Authenticated users can change the branch prefix of any of the GitLab repository integration they can see vie the REST endpoint `PATCH /gitlab_repositories/{id}`. This action should be restricted to Git administrators. This issue is patched in Tuleap Community Edition 14.0.99.24 and Tuleap Enterprise Edition 14.0-3. There are no known workarounds.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/Enalean/tuleap/commit/a06cb42d55c840d61a484472ed6b169ab23853ac	Patch Third Party Advisory
https://github.com/Enalean/tuleap/security/advisories/GHSA-3884-972x-3ccq	Third Party Advisory
https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=a06cb42d55c840d61a484472ed6b169ab23853ac	Patch Vendor Advisory
https://tuleap.net/plugins/tracker/?aid=28848	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:enalean:tuleap:::::community:::*
	cpe:2.3:a:enalean:tuleap:::::enterprise:::*
	cpe:2.3:a:enalean:tuleap:::::enterprise:::*

History

14 Jul 2023, 18:17

Type	Values Removed	Values Added
CWE	~~CWE-863~~	CWE-862

Information

Published : 2022-10-19 11:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-39233

Mitre link : CVE-2022-39233

CVE.ORG link : CVE-2022-39233

JSON object : View

Products Affected

enalean

tuleap

CWE

CWE-862

Missing Authorization

{"id": "CVE-2022-39233", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-10-19T11:15:11.160", "references": [{"url": "https://github.com/Enalean/tuleap/commit/a06cb42d55c840d61a484472ed6b169ab23853ac", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-3884-972x-3ccq", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=a06cb42d55c840d61a484472ed6b169ab23853ac", "tags": ["Patch", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://tuleap.net/plugins/tracker/?aid=28848", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions 12.9.99.228 and above, prior to 14.0.99.24, authorizations are not properly verified when updating the branch prefix used by the GitLab repository integration. Authenticated users can change the branch prefix of any of the GitLab repository integration they can see vie the REST endpoint `PATCH /gitlab_repositories/{id}`. This action should be restricted to Git administrators. This issue is patched in Tuleap Community Edition 14.0.99.24 and Tuleap Enterprise Edition 14.0-3. There are no known workarounds."}, {"lang": "es", "value": "Tuleap es una suite libre y de c\u00f3digo abierto para mejorar la administraci\u00f3n de los desarrollos de software y la colaboraci\u00f3n. En versiones 12.9.99.228 y superiores, anteriores a 14.0.99.24, las autorizaciones no son verificadas apropiadamente cuando es actualizado el prefijo de la rama usado por la integraci\u00f3n del repositorio GitLab. Los usuarios autenticados pueden cambiar el prefijo de rama de cualquiera de las integraciones de repositorios de GitLab que pueden visualizar mediante el endpoint REST \"PATCH /gitlab_repositories/{id}\". Esta acci\u00f3n deber\u00eda estar restringida a administradores de Git. Este problema est\u00e1 parcheado en Tuleap Community Edition versi\u00f3n 4.0.99.24 y Tuleap Enterprise Edition versi\u00f3n 14.0-3. No son conocidas mitigaciones"}], "lastModified": "2023-07-14T18:17:43.380", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "6D8CF699-74B7-4FEE-804C-1729780FA0EE", "versionEndExcluding": "14.0.99.24", "versionStartIncluding": "12.9.99.228"}, {"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "38FC5DF7-5EF5-4EE8-9B23-539CC0F8E6C9", "versionEndExcluding": "13.12-6", "versionStartIncluding": "12.10"}, {"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "B2BBE4EC-1B9E-44C6-A191-A23182941E2B", "versionEndExcluding": "14.0-3", "versionStartIncluding": "14.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}