PT-2026-53409 · Pypi · Codechecker
Publicado
2026-06-29
·
Atualizado
2026-06-29
CVSS v4.0
9.3
Crítica
| Vetor | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P |
Summary
Authentication bypass occurs when the URL ends with Authentication with certain function calls. This bypass allows assigning arbitrary permissions to any existing user in CodeChecker.
Details
The following functions are affected under the Authentication endpoint:
getAuthorisedNames, getPermissionsForUser, hasPermission, addPermission, and removePermission.The vulnerability allows unauthenticated users to execute these function calls with arbitrary arguments.
In the logs, the exploit shows as follows:
[INFO 2026-04-23 21:23] - 127.0.0.1:42654 -- [Anonymous] POST /v6.67/Authentication@getAuthorisedNames
[INFO 2026-04-23 21:23] - 127.0.0.1:42654 -- [Anonymous] POST /v6.67/Authentication@addPermissionImpact
An attacker with a CodeChecker user can effectively acquire superuser permissions by calling these endpoints.
Patch
A patch is available at https://github.com/Ericsson/codechecker/releases/tag/v6.27.4.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Codechecker