PYSEC-2024-238
Vulnerability from pysec - Published: 2024-11-06 15:15 - Updated: 2025-04-08 10:23
VLAI?
Details
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. All endpoints, apart from the /Authentication is affected by the vulnerability.
This issue affects CodeChecker: through 6.24.1.
Impacted products
| Name | purl | codechecker | pkg:pypi/codechecker |
|---|
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "codechecker",
"purl": "pkg:pypi/codechecker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.24.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.16.0",
"6.16.0a1",
"6.17.0",
"6.18.0",
"6.18.1",
"6.18.2",
"6.19.0",
"6.19.1",
"6.20.0",
"6.20.0rc1",
"6.21.0",
"6.21.0rc1",
"6.22.0",
"6.22.0rc1",
"6.22.1",
"6.22.2",
"6.22.2.post1",
"6.23.0",
"6.23.0rc2",
"6.23.1",
"6.24.0",
"6.24.1"
]
}
],
"aliases": [
"CVE-2024-10081",
"GHSA-f3f8-vx3w-hp5q"
],
"details": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \nAuthentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. All endpoints, apart from the /Authentication is affected by the vulnerability.\n\nThis issue affects CodeChecker: through 6.24.1.",
"id": "PYSEC-2024-238",
"modified": "2025-04-08T10:23:23.857960+00:00",
"published": "2024-11-06T15:15:11+00:00",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-f3f8-vx3w-hp5q"
}
]
}
GHSA-F3F8-VX3W-HP5Q
Vulnerability from github – Published: 2024-11-06 15:57 – Updated: 2025-11-15 03:17
VLAI?
Summary
codechecker vulnerable to authentication bypass when using specifically crafted URLs
Details
Summary
Authentication bypass occurs when the API URL ends with Authentication, Configuration or ServerInfo. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others.
Details
All endpoints, apart from the /Authentication is affected by the vulnerability.
The vulnerability allows unauthenticated users to access all API functionality.
You can look for the following pattern in the logs to check if the vulnerabilty was exploited:
Note that the url starts with v and contains a valid CodeChecker endpoint, but it ends in Authentication, Configuration or ServerInfo and it was made by an Anonymous user.
Impact
This authentication bypass allows querying, adding, changing, and deleting Products contained on the CodeChecker server, without authentication, by an anonymous user.
Severity ?
10.0 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "codechecker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.24.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-10081"
],
"database_specific": {
"cwe_ids": [
"CWE-288"
],
"github_reviewed": true,
"github_reviewed_at": "2024-11-06T15:57:08Z",
"nvd_published_at": "2024-11-06T15:15:11Z",
"severity": "CRITICAL"
},
"details": "### Summary\nAuthentication bypass occurs when the API URL ends with Authentication, Configuration or ServerInfo. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others.\n\n### Details\nAll endpoints, apart from the /Authentication is affected by the vulnerability.\n\nThe vulnerability allows unauthenticated users to access all API functionality.\nYou can look for the following pattern in the logs to check if the vulnerabilty was exploited:\n\n\nNote that the url starts with v and contains a valid CodeChecker endpoint, but it ends in `Authentication`, `Configuration` or `ServerInfo` and it was made by an `Anonymous` user.\n\n### Impact\nThis authentication bypass allows querying, adding, changing, and deleting Products contained on the CodeChecker server, without authentication, by an anonymous user.",
"id": "GHSA-f3f8-vx3w-hp5q",
"modified": "2025-11-15T03:17:05Z",
"published": "2024-11-06T15:57:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-f3f8-vx3w-hp5q"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10081"
},
{
"type": "WEB",
"url": "https://github.com/Ericsson/codechecker/commit/ad41702e3108e4b92ae5d0143a5b961cc34195eb"
},
{
"type": "PACKAGE",
"url": "https://github.com/Ericsson/codechecker"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/codechecker/PYSEC-2024-238.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
"type": "CVSS_V4"
}
],
"summary": "codechecker vulnerable to authentication bypass when using specifically crafted URLs"
}
CVE-2024-10081 (GCVE-0-2024-10081)
Vulnerability from cvelistv5 – Published: 2024-11-06 14:33 – Updated: 2024-11-06 15:01
VLAI?
Summary
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
Authentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. All endpoints, apart from the /Authentication is affected by the vulnerability.
This issue affects CodeChecker: through 6.24.1.
Severity ?
10 (Critical)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ericsson | CodeChecker |
Affected:
0 , ≤ 6.24.1
(python)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ericsson:codechecker:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "codechecker",
"vendor": "ericsson",
"versions": [
{
"lessThanOrEqual": "6.24.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10081",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:00:25.469782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T15:01:01.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CodeChecker",
"vendor": "Ericsson",
"versions": [
{
"lessThanOrEqual": "6.24.1",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \u003c/span\u003e\u003cbr\u003e\u003cp\u003eAuthentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAll endpoints, apart from the /Authentication is affected by the vulnerability.\u003c/span\u003e\u003c/p\u003e\u003cp\u003eThis issue affects CodeChecker: through 6.24.1.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. \nAuthentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others. All endpoints, apart from the /Authentication is affected by the vulnerability.\n\nThis issue affects CodeChecker: through 6.24.1."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "CWE-288",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-420",
"description": "CWE-420",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T14:33:52.497Z",
"orgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"shortName": "ERIC"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-f3f8-vx3w-hp5q"
}
],
"source": {
"discovery": "INTERNAL"
},
"tags": [
"x_open-source"
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "85b1779b-6ecd-4f52-bcc5-73eac4659dcf",
"assignerShortName": "ERIC",
"cveId": "CVE-2024-10081",
"datePublished": "2024-11-06T14:33:52.497Z",
"dateReserved": "2024-10-17T12:36:50.519Z",
"dateUpdated": "2024-11-06T15:01:01.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…