Vulnerability Description
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gaining access to this token and depending on permissions, an attacker could push malicious code to repositories, delete resources in Git, revoke or generate new keys, and sign code illegitimately.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Red Hat Developer Hub | < 1.21.0 |
| Linuxfoundation | Backstage | < 1.21.0 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHBA-2024:5869
- https://access.redhat.com/security/cve/CVE-2023-6944Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2255204Issue TrackingVendor Advisory
- https://access.redhat.com/security/cve/CVE-2023-6944Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2255204Issue TrackingVendor Advisory
FAQ
What is CVE-2023-6944?
CVE-2023-6944 is a vulnerability with a CVSS score of 5.7 (MEDIUM). A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the s...
How severe is CVE-2023-6944?
CVE-2023-6944 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-6944?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Red Hat Developer Hub, Linuxfoundation Backstage.