Skip to main content

Harness CVE-2026-15036

| EUVDEUVD-2026-42281 LOW
Improper Authorization (CWE-285)
2026-07-08 cna@vuldb.com GHSA-2gx4-76v6-f2pq
2.1
CVSS 4.0 · Vendor: vuldb

Severity by source

Vendor (vuldb) PRIMARY
2.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.3 MEDIUM

Network-reachable endpoint requires valid credentials (PR:L); only unauthorized space listing is exposed yielding low confidentiality impact with no integrity, availability, or scope-change effects.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 08, 2026 - 16:02 vuln.today

DescriptionCVE.org

A vulnerability was determined in Harness up to 2.28.2. This vulnerability affects the function getAuthorizedSpaces of the file app/api/controller/gitspace/list_all.go of the component gitspaces Endpoint. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Authorization bypass in Harness gitspaces endpoint (versions up to 2.28.2) permits any authenticated remote user to enumerate workspace listings beyond their authorized scope via a flaw in the getAuthorizedSpaces function of app/api/controller/gitspace/list_all.go. The confidentiality impact is limited to space listing disclosure - no integrity or availability impact is present - but publicly available exploit code (CVSS 4.0 E:P) lowers the exploitation barrier significantly. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege Harness credentials
Delivery
Send HTTP request to gitspaces list-all endpoint
Exploit
getAuthorizedSpaces skips authorization boundary
Execution
Receive unauthorized space listings
Impact
Enumerate workspace configurations for follow-on targeting

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated account on the Harness platform with at minimum low-level privileges (PR:L confirmed by CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 2.1 reflects a genuinely narrow impact: low confidentiality exposure only (VC:L), no integrity or availability effects, scoped entirely to the vulnerable system with no lateral blast radius (SC:N/SI:N/SA:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated low-privilege Harness user - such as a project member or co-tenant in a shared deployment - sends a crafted HTTP request to the gitspaces list-all endpoint, triggering the flawed `getAuthorizedSpaces` function, which returns a listing of workspace entries beyond the caller's authorized scope. Publicly available exploit code has been disclosed, meaning a threat actor needs only valid credentials to reproduce the attack without advanced technical skill. …
Remediation No vendor-released patch has been identified at time of analysis - the Harness project was notified via responsible disclosure but has not responded, per the CVE description. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-15036 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy