Privilege Escalation Vulnerability in Central Dogma by LINE Corporation
CVE-2021-38388

8.8HIGH

Key Information:

Vendor: Line Corporation
Status: Central Dogma
Vendor: CVE Published:; 8 September 2021

🔔 Create Line Corporation Vulnerability Alert

What is CVE-2021-38388?

Central Dogma contains a vulnerability that allows an unauthorized user to escalate privileges by manipulating the mirroring to the internal dogma repository. This process involves accessing a file that governs project authorization, potentially compromising project integrity and security. Users of Central Dogma should review the security configurations to mitigate the risk associated with this flaw.

Affected Version(s)

Central Dogma 0.51.1 < 0.52.0

References

https://github.com/line/centraldogma/pull/621

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 8, 2021
Vulnerability Reserved
Aug 10, 2021