CVE-2023-30550

CVSS V2 None CVSS V3 None

Description

MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing, and performance testing. This IDOR vulnerability allows the administrator of a project to modify other projects under the workspace. An attacker can obtain some operating permissions. The issue has been fixed in version 2.9.0.

Overview

CVE ID
CVE-2023-30550

Assigner
security-advisories@github.com

Vulnerability Status
Awaiting Analysis

Published Version
2023-05-04T18:15:10

Last Modified Date
2023-05-04T18:45:32

Weakness Enumerations

CWE	URL
CWE-639	http://cwe.mitre.org/data/definitions/639.html

References

Reference URL	Reference Tags
https://github.com/metersphere/metersphere/releases/tag/v2.9.0
https://github.com/metersphere/metersphere/security/advisories/GHSA-j5cq-cpw2-gp2q

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-30550
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30550

History

Created	Old Value	New Value	Data Type	Notes
2023-05-04 19:01:30				Added to TrackCVE
2023-05-04 19:01:35			Weakness Enumeration	new