CVE-2023-6944

2024-01-0410:15:11

CWE-209

[email protected]

web.nvd.nist.gov

red hat developer hub

gitlab access tokens

frontend

base64 encoded

sanitized error

malicious code

repositories

resources

permissions

CVSS3

5.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

18.1%

JSON

A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gaining access to this token and depending on permissions, an attacker could push malicious code to repositories, delete resources in Git, revoke or generate new keys, and sign code illegitimately.

Affected configurations

Nvd

Node

redhatred_hat_developer_hubRange<1.21.0

Node

linuxfoundationbackstageRange<1.21.0

VendorProductVersionCPE
redhatred_hat_developer_hub*cpe:2.3:a:redhat:red_hat_developer_hub:*:*:*:*:*:*:*:*
linuxfoundationbackstage*cpe:2.3:a:linuxfoundation:backstage:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	red_hat_developer_hub	*	cpe:2.3:a:redhat:red_hat_developer_hub::::::::
linuxfoundation	backstage	*	cpe:2.3:a:linuxfoundation:backstage::::::::