{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-41956", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2022-09-30T16:38:28.945Z", "datePublished": "2023-01-14T00:40:32.121Z", "dateUpdated": "2024-08-03T12:56:38.655Z"}, "containers": {"cna": {"title": "Autolab is vulnerable to file disclosure via remote handin feature", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/autolab/Autolab/security/advisories/GHSA-g7x7-mgrv-f24x", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/autolab/Autolab/security/advisories/GHSA-g7x7-mgrv-f24x"}, {"name": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/", "tags": ["x_refsource_MISC"], "url": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/"}, {"name": "https://www.stackhawk.com/blog/rails-path-traversal-guide-examples-and-prevention/", "tags": ["x_refsource_MISC"], "url": "https://www.stackhawk.com/blog/rails-path-traversal-guide-examples-and-prevention/"}], "affected": [{"vendor": "autolab", "product": "Autolab", "versions": [{"version": "<= 2.9.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-11T18:24:15.495Z"}, "descriptions": [{"lang": "en", "value": "Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A file disclosure vulnerability was discovered in Autolab's remote handin feature, whereby users are able to hand-in assignments using paths outside their submission directory. Users can then view the submission to view the file's contents. The vulnerability has been patched in version 2.10.0. As a workaround, ensure that the field for the remote handin feature is empty (Edit Assessment > Advanced > Remote handin path), and that you are not running Autolab as `root` (or any user that has write access to `/`). Alternatively, disable the remote handin feature if it is unneeded by replacing the body of `local_submit` in `app/controllers/assessment/handin.rb` with `render(plain: \"Feature disabled\", status: :bad_request) && return`."}], "source": {"advisory": "GHSA-g7x7-mgrv-f24x", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:56:38.655Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/autolab/Autolab/security/advisories/GHSA-g7x7-mgrv-f24x", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/autolab/Autolab/security/advisories/GHSA-g7x7-mgrv-f24x"}, {"name": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/"}, {"name": "https://www.stackhawk.com/blog/rails-path-traversal-guide-examples-and-prevention/", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.stackhawk.com/blog/rails-path-traversal-guide-examples-and-prevention/"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:autolabproject:autolab:*:*:*:*:*:*:*:*", "matchCriteriaId": "15CEA33A-9734-4B79-8525-92B23FF92B80", "versionEndExcluding": "2.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A file disclosure vulnerability was discovered in Autolab's remote handin feature, whereby users are able to hand-in assignments using paths outside their submission directory. Users can then view the submission to view the file's contents. The vulnerability has been patched in version 2.10.0. As a workaround, ensure that the field for the remote handin feature is empty (Edit Assessment > Advanced > Remote handin path), and that you are not running Autolab as `root` (or any user that has write access to `/`). Alternatively, disable the remote handin feature if it is unneeded by replacing the body of `local_submit` in `app/controllers/assessment/handin.rb` with `render(plain: \"Feature disabled\", status: :bad_request) && return`."}, {"lang": "es", "value": "Autolab es un servicio de gesti\u00f3n de cursos, desarrollado inicialmente por un equipo de estudiantes de la Universidad Carnegie Mellon, que permite a los instructores ofrecer tareas de programaci\u00f3n autocalificadas a sus estudiantes a trav\u00e9s de la Web. Se descubri\u00f3 una vulnerabilidad de divulgaci\u00f3n de archivos en la funci\u00f3n de entrega remota de Autolab, mediante la cual los usuarios pueden entregar tareas utilizando rutas fuera de su directorio de env\u00edo. Luego, los usuarios pueden ver el env\u00edo para ver el contenido del archivo. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 2.10.0. Como workaround, aseg\u00farese de que el campo para la funci\u00f3n de entrega remota est\u00e9 vac\u00edo (Edit Assessment &gt; Advanced &gt; Remote handin path) y que no est\u00e9 ejecutando Autolab como `root` (o cualquier usuario que tenga acceso de escritura a `/ `). Alternativamente `local_submit` in `app/controllers/assessment/handin.rb` with `render(plain: \"Feature disabled\", status: :bad_request) &amp;&amp; return`."}], "id": "CVE-2022-41956", "lastModified": "2024-11-21T07:24:09.070", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-14T01:15:13.230", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/autolab/Autolab/security/advisories/GHSA-g7x7-mgrv-f24x"}, {"source": "security-advisories@github.com", "url": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.stackhawk.com/blog/rails-path-traversal-guide-examples-and-prevention/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/autolab/Autolab/security/advisories/GHSA-g7x7-mgrv-f24x"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.stackhawk.com/blog/rails-path-traversal-guide-examples-and-prevention/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{}