cbcvebase.
CVE-2024-23344
published 2024-02-06

CVE-2024-23344: Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a…

PriorityP335medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.53%
40.7th percentile
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a process validates the permissions of multiple users (e.g. mail notifications). This issue has been patched in version 15.4.99.140 of Tuleap Community Edition.

Affected

3 ranges
VendorProductVersion rangeFixed in
enaleantuleap< 15.4.99.14015.4.99.140
enaleantuleap< 15.3.515.3.5
enaleantuleap>= 15.2.99.49 < 15.4.99.14015.4.99.140
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.