CVE-2022-31134

12.07.2022, 21:15

Zulip is an open-source team collaboration tool. Zulip Server versions 2.1.0 above have a user interface tool, accessible only to server owners and server administrators, which provides a way to download a "public data" export. While this export is only accessible to administrators, in many configurations server administrators are not expected to have access to private messages and private streams. However, the "public data" export which administrators could generate contained the attachment contents for all attachments, even those from private messages and streams. Zulip Server version 5.4 contains a patch for this issue.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.9 MEDIUM	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
GitHub_M	CNA	4.9 MEDIUM	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 45%

Vendor	Product	Version
zulip	zulip_server	2.1.0 ≤ 𝑥 < 5.4

𝑥

= Vulnerable software versions

Common Weakness Enumeration

References

https://blog.zulip.com/2022/07/12/zulip-cloud-data-exports

https://blog.zulip.com/2022/07/12/zulip-server-5-4-security-release

https://github.com/zulip/zulip/security/advisories/GHSA-58pm-88xp-7x9m

https://blog.zulip.com/2022/07/12/zulip-cloud-data-exports

https://blog.zulip.com/2022/07/12/zulip-server-5-4-security-release

https://github.com/zulip/zulip/security/advisories/GHSA-58pm-88xp-7x9m