SQL injection via the field name of a tracker in Tuleap
CVE-2022-31058

7.2HIGH

Key Information:

Vendor

Enalean

Status
Tuleap
Vendor
CVE Published:
29 June 2022

What is CVE-2022-31058?

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.95 Tuleap does not sanitize properly user inputs when constructing the SQL query to retrieve data for the tracker reports. An attacker with the capability to create a new tracker can execute arbitrary SQL queries. Users are advised to upgrade. There is no known workaround for this issue.

Affected Version(s)

tuleap < 13.9.99.95

References

https://github.com/Enalean/tuleap/security/advisories/GHS...
x_refsource_CONFIRM
https://github.com/Enalean/tuleap/commit/b91bcd57c8344ec2...
x_refsource_MISC
https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=com...
x_refsource_MISC

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.