CVE-2025-64497

6.5 MEDIUM

📋 TL;DR

This CVE describes an authorization bypass vulnerability in Tuleap's file release system. Attackers can access file release information in projects they shouldn't have permission to view. This affects all Tuleap Community Edition versions below 17.0.99.1762431347 and Enterprise Edition versions below 17.0-2, 16.13-7, and 16.12-10.

💻 Affected Systems

Products:
  • Tuleap Community Edition
  • Tuleap Enterprise Edition
Versions: Community Edition: < 17.0.99.1762431347; Enterprise Edition: < 17.0-2, < 16.13-7, < 16.12-10
Operating Systems: All platforms running Tuleap
Default Config Vulnerable: ⚠️ Yes
Notes: All standard installations with file release functionality enabled are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Sensitive project information, release artifacts, or proprietary software packages could be exfiltrated by unauthorized users, leading to intellectual property theft or loss of competitive advantage.

🟠 Likely Case

Unauthorized users gain visibility into project release schedules, version information, and potentially released files they should not see, compromising project confidentiality.

🟢 If Mitigated

With proper network segmentation and access controls, impact is limited to information disclosure within the Tuleap instance, though sensitive data could still be exposed.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires some level of access to the Tuleap instance but bypasses project-level authorization checks.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Community Edition: 17.0.99.1762431347; Enterprise Edition: 17.0-2, 16.13-7, 16.12-10

Vendor Advisory: https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v

Restart Required: Yes

Instructions:

1. Back up your Tuleap instance and database.
2. Update to the patched version using your distribution's package manager or the Tuleap upgrade process.
3. Restart Tuleap services.
4. Verify the fix by testing file release access controls.

🔧 Temporary Workarounds

Disable File Release System (platform: all)

Temporarily disable the file release functionality to prevent exploitation while planning the upgrade.

# Requires Tuleap admin access and configuration changes

Restrict Network Access (platform: linux)

Limit access to the Tuleap instance to trusted users only while vulnerable.

# Use firewall rules to restrict access to Tuleap ports

🧯 If You Can't Patch

  • Implement strict network segmentation to limit Tuleap access to authorized users only
  • Monitor file release system access logs for unauthorized access attempts

🔍 How to Verify

Check if Vulnerable:

Check Tuleap version via admin interface or by examining installed packages. Test if users can access file releases in projects they don't have permission for.

Check Version:

On the Tuleap server: rpm -qa | grep tuleap (RPM-based systems) or dpkg -l | grep tuleap (Debian-based systems), or check the version shown in the Tuleap admin interface.

Verify Fix Applied:

After patching, verify version is updated and test that unauthorized users cannot access file release information in restricted projects.
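As an added check (not from the advisory or the Tuleap project), the script below classifies a Tuleap version string against the fixed versions listed above. The version formats (CE as dotted integers, EE as "major.minor-build") and the `tuleap` rpm package name are assumptions, not facts from the advisory.

```python
import re
import subprocess
import sys

# Fixed versions as listed in the advisory for CVE-2025-64497.
FIXED_CE = (17, 0, 99, 1762431347)
FIXED_EE = {(17, 0): 2, (16, 13): 7, (16, 12): 10}  # EE branch -> first fixed build

def parse_version(text):
    """Classify a Tuleap version string.

    Assumption: CE versions look like "17.0.99.1762431347" (dotted integers),
    EE versions look like "17.0-2" (<major>.<minor>-<build>).
    Returns ("ce", parts) or ("ee", (major, minor), build).
    """
    text = text.strip()
    m = re.fullmatch(r"(\d+)\.(\d+)-(\d+)", text)
    if m:
        major, minor, build = (int(x) for x in m.groups())
        return ("ee", (major, minor), build)
    if re.fullmatch(r"\d+(\.\d+)*", text):
        return ("ce", tuple(int(x) for x in text.split(".")))
    raise ValueError(f"unrecognised Tuleap version: {text!r}")

def status(text):
    """Return 'fixed', 'vulnerable' or 'unknown' for CVE-2025-64497."""
    parsed = parse_version(text)
    if parsed[0] == "ce":
        # Pad short CE versions with zeros so tuple comparison is positional.
        parts = parsed[1] + (0,) * (len(FIXED_CE) - len(parsed[1]))
        return "fixed" if parts >= FIXED_CE else "vulnerable"
    _, branch, build = parsed
    if branch in FIXED_EE:
        return "fixed" if build >= FIXED_EE[branch] else "vulnerable"
    if branch < min(FIXED_EE):
        return "vulnerable"   # older EE branch with no fixed build listed
    if branch > max(FIXED_EE):
        return "fixed"        # newer branch than the affected ranges
    return "unknown"          # branch the advisory does not mention

def installed_version():
    """Read the installed version via rpm; the package name 'tuleap' is an assumption."""
    out = subprocess.run(["rpm", "-q", "--qf", "%{VERSION}\n", "tuleap"],
                         capture_output=True, text=True, check=True)
    return out.stdout.strip()

if __name__ == "__main__":
    version = sys.argv[1] if len(sys.argv) > 1 else installed_version()
    print(f"Tuleap {version}: {status(version)} for CVE-2025-64497")
```

Pass a version string as the first argument to check a value copied from the admin interface without running rpm.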

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to file release endpoints
  • Access to /plugins/frs/ URLs from unauthorized users

Network Indicators:

  • Unusual patterns of file release system access
  • Requests to file release API endpoints from unauthorized IPs

SIEM Query:

source="tuleap.log" AND (uri_path="/plugins/frs/*" OR message="*file release*access*denied*")
