Severity: 7.5 HIGH
EPSS: 0.3% (top 46.22%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jun 10; latest update Jun 11

Description

Import functionality is vulnerable to DNS rebinding attacks in the window between verification and processing of the URL. Project administrators can run these imports, which could cause Allura to read from internal services and expose them. This issue affects Apache Allura from 1.0.1 through 1.16.0. Users are recommended to upgrade to version 1.17.0, which fixes the issue. If you are unable to upgrade, set "disable_entry_points.allura.importers = forge-tracker, forge-discussion" in your .ini config file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

NVD: apache/allura, affected from 1.0.1, fixed in 1.17.0
CVEListV5: apache_software_foundation/apache_allura, affected from 1.0.1 through 1.16.0

Vulnerability Details (2)

GHSA: GHSA-2q7f-pr29-qfh5: Import functionality is vulnerable to DNS rebinding attacks between verification and processing of the URL (2024-06-11)
CVEList: Apache Allura: sensitive information exposure via DNS rebinding (2024-06-10)