CVE-2021-43806

moderate-risk
Published 2021-12-15

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQL query to browse and search commits in the CVS repositories. A authenticated malicious user with read access to a CVS repository could execute arbitrary SQL queries. Tuleap instances without an active CVS repositories are not impacted. The following versions contain the fix: Tuleap Community Edition 13.2.99.155, Tuleap Enterprise Edition 13.1-7, and Tuleap Enterprise Edition 13.2-6.

Do I need to act?

-
0.91% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (2)

Affected Vendors

Enalean

References (8)

Patch https://github.com/Enalean/tuleap/commit/b82be896b00a787ed46a77bd4700e8fccfe2e5b...
Patch https://github.com/Enalean/tuleap/security/advisories/GHSA-x8fr-8gvw-cc4v
Patch https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=b82be896b00a787ed...
Issue Tracking https://tuleap.net/plugins/tracker/?aid=24202
Patch https://github.com/Enalean/tuleap/commit/b82be896b00a787ed46a77bd4700e8fccfe2e5b...
Patch https://github.com/Enalean/tuleap/security/advisories/GHSA-x8fr-8gvw-cc4v
Patch https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=b82be896b00a787ed...
Issue Tracking https://tuleap.net/plugins/tracker/?aid=24202
40
/ 100
moderate-risk
Severity 30/34 · Critical
Exploitability 3/34 · Minimal
Exposure 7/34 · Low