Second-Order PHP Object Injection in Enalean Tuleap Web Application
CVE-2017-7411

8.8HIGH

Key Information:

Vendor

Enalean

Status
Tuleap
Vendor
CVE Published:
30 October 2017

What is CVE-2017-7411?

A security issue was identified in the Enalean Tuleap project management software, specifically affecting versions up to 9.6. The problem arises from the User::getRecentElements() method, which utilizes the unserialize() function with a user-controllable preference value. This allows malicious actors to manipulate the input through the REST API interface, potentially injecting arbitrary PHP objects into the application context. Such exploitation opens the door to various types of attacks, including the risk of Remote Code Execution, which poses significant risks to the integrity and security of the application.

References

https://tuleap.net/plugins/tracker/?aid=10118
x_refsource_CONFIRM
http://packetstormsecurity.com/files/144716/Tuleap-9.6-Se...
x_refsource_MISC
https://www.exploit-db.com/exploits/43374/
exploitx_refsource_EXPLOIT-DB

EPSS Score

73% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.