Unauthorized Access Vulnerability in Tuleap Open Source Suite
CVE-2025-22129
4.3MEDIUM
Key Information:
- Vendor
- Enalean
- Status
- Tuleap
- Vendor
- CVE Published:
- 3 February 2025
Summary
A vulnerability in Tuleap, an Open Source Suite designed for software development and collaboration, allows unauthorized users to gain access to restricted information. This flaw is present in certain versions, which could potentially expose sensitive data to malicious actors. The issue has been rectified in Tuleap Community Edition 16.3.99.1736242932, Tuleap Enterprise Edition 16.2-5, and Tuleap Enterprise Edition 16.3-2. Users are strongly recommended to upgrade to these versions to mitigate risks. No workarounds are available for this vulnerability, emphasizing the importance of timely upgrades.
Affected Version(s)
tuleap < 16.3.99.1736242932
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved