PT-2024-13801 · Unknown · Codechecker

Discookie · Published 2024-06-24 · Updated 2024-06-26 · CVE-2023-49793

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

CodeChecker versions prior to 6.23

Description

The issue arises from the improper sanitization of ZIP files uploaded to the server endpoint of CodeChecker store. An attacker can exploit this vulnerability using a path traversal attack to load and display files on the machine of the CodeChecker server. The vulnerable endpoint is /Default/v6.53/CodeCheckerService@massStoreRun. This allows for the exfiltration of data from the server-side storage medium with the same permission level as the CodeChecker server process. The attack requires a valid user account on the CodeChecker server with permission to store to a database and view the stored reports if authentication is enabled.

Recommendations

To resolve the issue, update CodeChecker to version 6.23 or later. As a temporary workaround, consider restricting access to the vulnerable endpoint /Default/v6.53/CodeCheckerService@massStoreRun until a patch is applied. Additionally, limiting the permissions of the CodeChecker server process can help minimize the risk of exploitation.
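
To illustrate the kind of ZIP sanitization the description refers to, the following Python example (added here; it is not CodeChecker's code or its actual fix) rejects an uploaded archive when any entry would resolve outside the extraction directory. The function names and the sample archive are constructed for this example.

```python
import io
import os
import zipfile


def build_sample() -> bytes:
    """Constructed archive: one normal entry and two that point outside the root."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("reports/main.plist", "<plist/>")
        zf.writestr("../../etc/passwd", "x")
        zf.writestr("/etc/shadow", "x")
    return buf.getvalue()


def unsafe_members(zip_bytes: bytes, dest_root: str) -> list:
    """Return the entry names that would resolve outside dest_root."""
    root = os.path.realpath(dest_root)
    bad = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename.replace("\\", "/")
            # An absolute entry name makes join() discard root entirely.
            target = os.path.realpath(os.path.join(root, name))
            # Unix symlink entries store the file type in the high 16 bits.
            is_symlink = (info.external_attr >> 16) & 0o170000 == 0o120000
            if is_symlink or os.path.commonpath([root, target]) != root:
                bad.append(info.filename)
    return bad


def safe_extract(zip_bytes: bytes, dest_root: str) -> None:
    """Reject the whole upload if any entry escapes dest_root, else extract."""
    bad = unsafe_members(zip_bytes, dest_root)
    if bad:
        raise ValueError(f"rejected upload, unsafe entries: {bad}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest_root)


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as root:
        print(unsafe_members(build_sample(), root))
```

Rejecting the whole archive, rather than skipping or rewriting the offending entries, keeps a partially trusted upload from being stored at all.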

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2023-49793
GHSA-H26W-R4M5-8RRF
PYSEC-2024-54

Affected Products

Codechecker