Platform
nodejs
Component
anything-llm
Fixed in
0.7.2
CVE-2024-0455 is a critical Server-Side Request Forgery (SSRF) vulnerability in AnythingLLM versions before 1.0.0. An authenticated user holding the manager or admin role can make the application's web scraper fetch the EC2 Instance Metadata Service (IMDS) and return the instance's temporary AWS credentials. With those credentials an attacker can act against the AWS account with whatever IAM permissions the instance's role carries, from anywhere, until the credentials expire. The fix ships in version 1.0.0.
The flaw is in the web scraper: the URL it fetches is taken from the user without any check on where it points. A manager or admin submits http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance and the server, running inside an EC2 instance, fetches it and hands back the response body. 169.254.169.254 is the link-local address of the IMDS; it answers only from within the instance, which is exactly why an SSRF is needed to reach it. The response is a JSON document containing an AccessKeyId, SecretAccessKey and session Token that remain valid until their Expiration, and that can simply be fetched again once rotated. Nothing ties the scraper to that one path: the same request can list /latest/meta-data/iam/security-credentials/ and fetch the credentials of the instance profile role, read /latest/user-data, or reach any other internal service the instance can connect to. The blast radius is therefore the IAM permissions attached to the instance plus every internal service reachable from it, not only the data AnythingLLM itself holds.
This vulnerability was publicly disclosed on 2024-02-25. No exploitation campaigns have been publicly confirmed, but exploitation needs only a valid manager or admin account and one HTTP request, and the credentials it yields are highly sensitive, so exploitation should be considered likely. The vulnerability is not currently listed on CISA KEV. Given how simple the attack is, public proof-of-concept code should be expected.
Exploit Status
EPSS
0.24% (48th percentile)
CVSS Vector
The primary mitigation for CVE-2024-0455 is to upgrade AnythingLLM to version 1.0.0 or later, which contains the fix. If upgrading is not immediately feasible, layer temporary workarounds. Restrict the manager and admin roles, and with them the web scraper, to trusted users. Validate the scraper URL by resolving its hostname and rejecting any resolved address in the link-local (169.254.0.0/16, fe80::/10), loopback or private ranges, and repeat the check on every redirect; a deny-list that only inspects the submitted string is bypassed by decimal or hex encodings of the IP address, IPv4-mapped IPv6 literals, DNS names that resolve to 169.254.169.254, and open redirects on an allowed host. A WAF rule that blocks requests naming the metadata endpoint sees only that submitted string and has the same bypasses, so treat it as a speed bump, not a fix. On the AWS side, require IMDSv2 for the instance (aws ec2 modify-instance-metadata-options --http-tokens required): every credential read then needs a prior PUT to /latest/api/token with a token TTL header, which a GET-only SSRF like this scraper cannot perform, and keep --http-put-response-hop-limit at 1 so that containers behind a bridge network, which is how AnythingLLM is commonly deployed, cannot obtain a token at all. Give the instance role the least privilege it needs, since that role is the actual blast radius. For detection, watch application logs for scraper requests to 169.254.169.254 or to any 169.254.0.0/16 address, and watch CloudTrail and GuardDuty for the instance role's credentials being used from an IP address that is not the instance (GuardDuty's InstanceCredentialExfiltration findings cover this case). After upgrading, confirm the fix by submitting the IMDS URL as an admin and verifying that the scraper refuses it; if you enforced IMDSv2, also confirm from a shell on the instance that a plain GET to http://169.254.169.254/latest/meta-data/ without a token now returns 401.
Update AnythingLLM to version 1.0.0 or later, which contains the fix for the SSRF vulnerability. If you instead block 169.254.169.254 with host firewall or `iptables` rules on the EC2 instance, be aware that a blanket rule also stops the instance's own AWS SDKs, CLI and agents (such as SSM) from fetching credentials; scope the rule with the `iptables` owner match so that only the account the AnythingLLM processes run under is denied, or rely on the IMDSv2 hop limit to keep the metadata service out of reach of the application's containers.
CVE-2024-0455 is a critical SSRF vulnerability in AnythingLLM versions before 1.0.0 that lets a user with the manager or admin role read the EC2 instance's temporary AWS credentials through the web scraper.
You are affected if you run an AnythingLLM version before 1.0.0 and any user holds the manager or admin role. The credential theft described here applies to EC2 deployments, but the same SSRF reaches any internal service the AnythingLLM server can connect to.
Upgrade to AnythingLLM version 1.0.0 or later. Until then, restrict the manager and admin roles to trusted users, validate scraper URLs by their resolved address, and require IMDSv2 on the instance.
No exploitation campaigns have been publicly confirmed, but the attack needs only a manager or admin account and a single request, so exploitation should be assumed to be likely.
Refer to the official AnythingLLM project repository or website for the latest security advisories and updates.