https://github.com/goharbor/harbor/security/advisories

https://github.com/goharbor/harbor/security/advisories/GHSA-gcqm-v682-ccw6

https://tanzu.vmware.com/security/cve-2019-19025

The version of VMware Harbor installed on the remote host is 1.7.x or 1.8.x prior to 1.8.6 or 1.9.x prior to 1.9.3. It is, therefore, affected multiple vulnerabilities, including the following:

  - A privilege escalation vulnerability that allows an authenticated, normal user to gain administrative     account privileges by making an API call to modify the email address of a specific user. An attacker can     reset the password for that email address to gain access to the administrative account. This vulnerability     exists because the affected Harbor API fails to enforce proper permissions and scope on the API request to     modify an email address. (CVE-2019-19023)

  - A Cross-Site Request Forgery (CSRF) vulnerability caused by the Harbor web interface failing to implement     protection mechanisms against CSRF. An unauthenticated, remote attacker can exploit this, by luring an     authenticated user onto a prepared third-party website, in order to execute any action the platform in the     context of the currently authenticated victim. (CVE-2019-19025)

  - An SQL injection (SQLi) vulnerability which a remote, authenticated user with Project-Admin capabilities     can exploit by sending a specially crafted SQL payload in order to read secrets from the underlying     database or conduct privilege escalation. (CVE-2019-19029)   Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

CVE-2019-19025

MEDIUM

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

medium