Lucene search

GitHub_MCVELIST:CVE-2022-23512

HistoryDec 14, 2022 - 1:09 p.m.

CVE-2022-23512 Metersphere is vulnerable to Path Injection.

2022-12-1413:09:36

CWE-22

GitHub_M

www.cve.org

metersphere path injection serverfiles

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

EPSS

0.001

Percentile

35.2%

JSON

MeterSphere is a one-stop open source continuous testing platform. Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService, which uses the user-provided value (testId) in new File(BODY_FILE_DIR + “/” + testId), being deleted later by file.delete(). By adding some camouflage parameters to the url, an attacker can target files on the server. The vulnerability has been fixed in v2.4.1.

CNA Affected

[
  {
    "vendor": "metersphere",
    "product": "metersphere",
    "versions": [
      {
        "version": "< 2.4.1",
        "status": "affected"
      }
    ]
  }
]

References

github.com/metersphere/metersphere/security/advisories/GHSA-5mwp-xw7p-5j27

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

EPSS

0.001

Percentile

35.2%

JSON

Related for CVELIST:CVE-2022-23512