Description
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command-line tooling, which makes them vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint who knows or guesses a valid username can use it in a specially crafted HTTP request to bypass authentication. Successful exploitation allows the malicious actor to assume all roles and privileges granted to the valid user’s Coverity Connect account.
References (4)
Vendor Advisory: https://community.blackduck.com/s/article/Black-Duck-Security-Advisory-CVE-2026-1496
Vendor Advisory (mitigation): https://community.blackduck.com/s/article/Instructions-on-how-to-block-token-endpoint-for-Coverity-Connect
Vendor Advisory (mitigation): https://community.blackduck.com/s/article/WAF-IDS-IPS-Mitigation-Guidance
Scores
CVSS v4: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)
EPSS: 0.0048 (percentile 37.4%)
CISA SSVC (Vulnrichment): Exploitation: none; Automatable: yes; Technical Impact: total
Details
CWE: CWE-639
Status: published
Products (22)
Black Duck/Coverity 2024.12.0A
Black Duck/Coverity 2024.12.1A
Black Duck/Coverity 2024.12.2
Black Duck/Coverity 2024.3.0 - 2025.12.0
Black Duck/Coverity 2024.3.0A
Black Duck/Coverity 2024.3.1A
Black Duck/Coverity 2024.3.2A
Black Duck/Coverity 2024.6.0A
Black Duck/Coverity 2024.6.1A
Black Duck/Coverity 2024.9.0A
... and 12 more
Published: Mar 27, 2026
Tracked Since: Mar 29, 2026