exploitDog

CVE-2020-28002

Опубликовано: 02 нояб. 2020

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

In SonarQube 8.4.2.36762, an external attacker can achieve authentication bypass through SonarScanner. With an empty value for the -D sonar.login option, anonymous authentication is forced. This allows creating and overwriting public and private projects via the /api/ce/submit endpoint.

Ссылки

https://csl.com.co/sonarqube-auditando-al-auditor-parte-ii/
Exploit
Third Party Advisory
https://csl.com.co/sonarqube-auditando-al-auditor-parte-ii/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sonarsource:sonarqube:8.4.2.36762:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00208

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-6g65-wv5p-gc7r

github

больше 3 лет назад

In SonarQube 8.4.2.36762, an external attacker can achieve authentication bypass through SonarScanner. With an empty value for the -D sonar.login option, anonymous authentication is forced. This allows creating and overwriting public and private projects via the /api/ce/submit endpoint.

EPSS

Процентиль: 43%

0.00208

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-287