CVE-2023-32676 : Autolab is a course management service that enables auto-graded programming assi

Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the Install assessment functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a specially crafted Tar file. Using the install assessment functionality an attacker can feed a Tar file that contain files with paths pointing outside of the target directory (e.g., `../../../../tmp/tarslipped1.sh`). When the Install assessment form is submitted the files inside of the archives are expanded to the attacker-chosen locations. This issue has been addressed in version 2.11.0. Users are advised to upgrade.

Published 2023-05-26 23:15:19

Updated 2023-12-11 19:15:09

Source GitHub, Inc.

View at NVD, CVE.org

Vulnerability category: Directory traversal

Products affected by CVE-2023-32676

Autolabproject » Autolab
Versions before (<) 2.11.0
cpe:2.3:a:autolabproject:autolab:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-32676

EPSS FAQ

0.83%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-32676

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	1.2	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
6.7	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H	1.2	5.5	GitHub, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: High Availability: High

CWE ids for CVE-2023-32676

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Assigned by:
- nvd@nist.gov (Primary)
- security-advisories@github.com (Secondary)

References for CVE-2023-32676

https://github.com/autolab/Autolab/security/advisories/GHSA-x9hj-r9q4-832c

Tar slip in Install Assessment functionality (`GHSL-2023-081`) · Advisory · autolab/Autolab · GitHub
Vendor Advisory
https://github.com/autolab/Autolab/commit/14f508484a8323eceb0cf3a128573b43eabbc80d

Merge pull request from GHSA-x9hj-r9q4-832c · autolab/Autolab@14f5084 · GitHub
Patch
https://securitylab.github.com/advisories/GHSL-2023-081_GHSL-2023-082_Autolab/

GHSL-2023-081_GHSL-2023-082: Tar Slip vulnerabilities in Autolab - CVE-2023-32676, CVE-2023-32317 | GitHub Security Lab

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-32676

Products affected by CVE-2023-32676

Exploit prediction scoring system (EPSS) score for CVE-2023-32676

CVSS scores for CVE-2023-32676

CWE ids for CVE-2023-32676

References for CVE-2023-32676