#VU31395 Improper Authentication in Zulip Server


Published: 2017-11-27 | Updated: 2020-07-17

Vulnerability identifier: #VU31395

Vulnerability risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0910

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Zulip Server
Web applications / Other software

Vendor: Zulip

Description

The vulnerability allows a remote authenticated user to execute arbitrary code.

In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server create a user account on any other realm.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Zulip Server: 1.7.0

External links
http://blog.zulip.org/2017/11/23/zulip-1-7-1-released/
http://github.com/zulip/zulip/commit/960d736e55cbb9386a68e4ee45f80581fd2a4e32

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Improper Authentication in Zulip Server