Lucene search
PRIOn knowledge basePRION:CVE-2024-0455HistoryFeb 26, 2024 - 4:27 p.m.
Cross site request forgery (csrf)
2024-02-2616:27:00
PRIOn knowledge base
www.prio-n.com
6
cross site request forgery
web scraper
authorization
ec2 instance
url
security credentials
iptable
firewall rule
nvd
The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL
http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance
which is a special IP and URL that resolves only when the request comes from within an EC2 instance. This would allow the user to see the connection/secret credentials for their specific instance and be able to manage it regardless of who deployed it.
The user would have to have pre-existing knowledge of the hosting infra which the target instance is deployed on, but if sent - would resolve if on EC2 and the proper iptable or firewall rule is not configured for their setup.
Related
cve
cve
CVE-2024-0455
2024-02-26 16:27:50
cvelist
cvelist
CVE-2024-0455 SSRF on AWS deployed instances of AnythingLLM via /metadata
2024-02-25 08:10:17
osv
osv
CVE-2024-0455
2024-02-26 16:27:50
nvd
nvd
CVE-2024-0455
2024-02-26 16:27:50