CVE-2023-46124: Server-Side Request Forgery Vulnerability in Custom Integration Upload

First published: Tue Oct 24 2023(Updated: )

### Impact The Fides web application allows a custom integration to be uploaded as a ZIP file containing configuration and dataset definitions in YAML format. It was discovered that specially crafted YAML dataset and config files allow a malicious user to perform arbitrary requests to internal systems and exfiltrate data outside the environment (also known as a Server-Side Request Forgery). The application does not perform proper validation to block attempts to connect to internal (including localhost) resources. Exploitation is limited to API clients with the `CONNECTOR_TEMPLATE_REGISTER` authorization scope. In the Fides Admin UI this scope is restricted to highly privileged users, specifically root users and users with the owner role. ### Patches The vulnerability has been patched in Fides version `2.22.1`. Users are advised to upgrade to this version or later to secure their systems against this threat. ### Workarounds There are no workarounds.

Credit: security-advisories@github.com security-advisories@github.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-cve
• collector/github-advisory-latest
• alias/GHSA-jq3w-9mgf-43m4
• alias/CVE-2023-46124
• collector/github-advisory
• agent/author
• agent/type
• agent/first-publish-date
• agent/weakness
• agent/title
• agent/remedy
• agent/severity
• agent/references
• agent/description
• collector/mitre-cve
• source/MITRE
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/last-modified-date
• agent/event
• agent/softwarecombine
• agent/tags
• agent/trending
• vendor/ethyca
• canonical/ethyca fides
• package-manager/pip