What is the CVE ID of this vulnerability?

The CVE ID of this vulnerability is CVE-2023-42439.

What is the severity of CVE-2023-42439?

The severity of CVE-2023-42439 is high with a CVSS score of 6.5.

What is the affected software?

The affected software is GeoNode version 3.2.0 up to 4.1.2.

What is the vulnerability description for CVE-2023-42439?

CVE-2023-42439 is a SSRF vulnerability in GeoNode that allows bypassing existing controls and can be used to request internal services for a full read SSRF, returning any data from the internal network.

How can I fix CVE-2023-42439?

To fix CVE-2023-42439, upgrade to GeoNode version 4.1.3 or later.

Vulnerability/
CVE-2023-42439

high

7.5

CWE

918

15/9/2023

20/9/2023

2/8/2024

CVE-2023-42439: GeoNode SSRF Bypass to return internal host data

First published: Fri Sep 15 2023(Updated: )

A SSRF vulnerability exists, bypassing existing controls on the software. This can allow a user to request internal services for a full read SSRF, returning any data from the internal network. the application is using a whitelist, but the whitelist can be bypassed with @ and encoded value of @ (%40) GET /proxy/?url=http://development.demo.geonode.org%40geoserver:8080/geoserver/web This will trick the application that the first host is a whitelisted address, but the browser will use @ or %40 as a credential to the host geoserver on port 8080, this will return the data to that host on the response. ![image](https://user-images.githubusercontent.com/35967437/264379628-8cecbc56-be6c-49dc-abe8-0baf8b8695cc.png)

Credit: security-advisories@github.com security-advisories@github.com

Affected Software	Affected Version	How to fix
pip/GeoNode	>=3.2.0<=4.1.2	4.1.3.post1
Geosolutionsgroup Geonode	>=3.2.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-42439.
What is the severity of CVE-2023-42439?
The severity of CVE-2023-42439 is high with a CVSS score of 6.5.
What is the affected software?
The affected software is GeoNode version 3.2.0 up to 4.1.2.
What is the vulnerability description for CVE-2023-42439?
CVE-2023-42439 is a SSRF vulnerability in GeoNode that allows bypassing existing controls and can be used to request internal services for a full read SSRF, returning any data from the internal network.
How can I fix CVE-2023-42439?
To fix CVE-2023-42439, upgrade to GeoNode version 4.1.3 or later.

collector/github-advisory-latest
alias/GHSA-pxg5-h34r-7q8p
alias/CVE-2023-42439
collector/github-advisory
collector/nvd-api
collector/nvd-index
agent/references
agent/author
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/title
agent/severity
agent/weakness
agent/last-modified-date
agent/event
agent/first-publish-date
agent/tags
agent/description
package-manager/pip
vendor/geosolutionsgroup
canonical/geosolutionsgroup geonode
version/geosolutionsgroup geonode/3.2.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.