9.1
CVE-2022-24856
- EPSS 9.66%
- Veröffentlicht 17.05.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:51:14
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
LoginServer-Side Request Forgery in FlyteConsole
FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or other unauthenticated URLs. Passing of headers to an unauthorized actor may occur. The patch for this issue deletes the entire `cors_proxy`, as this is not required for console anymore. A patch is available in FlyteConsole version 0.52.0. Disable FlyteConsole availability on the internet as a workaround.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Flyte ≫ Flyte Console Version < 0.52.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.66% | 0.949 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| security-advisories@github.com | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-918 Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
https://github.com/flyteorg/flyteconsole/commit/05b88ed2d2ecdb5d8a8404efea25414e57189709
https://github.com/flyteorg/flyteconsole/pull/389
https://github.com/flyteorg/flyteconsole/releases/tag/v0.52.0
https://github.com/flyteorg/flyteconsole/security/advisories/GHSA-www6-hf2v-v9m9