CVE-2022-31017
low-risk
Published 2022-06-25
Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the server to incorrectly send an API event that includes the edited message to all of the stream’s current subscribers. This API event is ignored by official clients, but can be observed by using a modified client or the browser’s developer tools. This bug will be fixed in Zulip Server 5.3. There are no known workarounds.
Do I need to act?
-
0.18% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.0/10
Low
NETWORK
/ HIGH complexity
Affected Products (1)
Zulip
Affected Vendors
References (2)
Third Party Advisory
https://github.com/zulip/zulip/security/advisories/GHSA-m5j3-jp59-6f3q
Third Party Advisory
https://github.com/zulip/zulip/security/advisories/GHSA-m5j3-jp59-6f3q
14
/ 100
low-risk
Severity
8/34 · Low
Exploitability
1/34 · Minimal
Exposure
5/34 · Minimal