Platform: java
Component: org.openhab.ui.bundles:org.openhab.ui.cometvisu
Fixed in: 4.2.2, 4.2.1
CVE-2024-42467 describes a critical Server-Side Request Forgery (SSRF) vulnerability within the CometVisu add-on of openHAB. This flaw allows unauthenticated attackers to leverage the proxy endpoint to make arbitrary GET requests to internal servers, potentially exposing sensitive data and enabling lateral movement. The vulnerability impacts versions of openHAB prior to 4.2.1, and a fix is available in version 4.2.1.
The SSRF vulnerability in openHAB CometVisu presents a significant security risk. An attacker can use the flaw to bypass internal network security controls and reach resources that are not publicly accessible, including sensitive configuration files, internal APIs, or even databases. Crafted HTTP requests sent through the proxy endpoint make openHAB fetch from internal services on the attacker's behalf, which can lead to data exfiltration or further compromise. Because the proxy endpoint requires no authentication, any client that can reach it can trigger these requests, which amplifies the risk. The pattern matches other SSRF cases in which internal services are inadvertently exposed through proxy functionality that does not restrict its targets.
CVE-2024-42467 was publicly disclosed on August 9, 2024. The vulnerability's criticality (CVSS score of 10) indicates a high probability of exploitation. No known KEV listing exists as of this writing. Public proof-of-concept exploits are currently unknown, but the ease of exploitation due to the lack of authentication suggests a high likelihood of PoCs emerging. Active campaigns are not currently confirmed, but the vulnerability's severity warrants proactive monitoring.
Exploit status: EPSS 1.77% (83rd percentile)
The primary mitigation for CVE-2024-42467 is to upgrade openHAB to version 4.2.1 or later, which includes the necessary fix. If an immediate upgrade is not feasible, consider implementing temporary workarounds. Restrict network access to the openHAB instance to only trusted sources. Implement a Web Application Firewall (WAF) with rules to block suspicious outbound requests originating from the CometVisu proxy endpoint. Carefully review and restrict the allowed domains or IP addresses that the proxy can access. Monitor openHAB logs for unusual outbound HTTP requests that could indicate exploitation attempts. After upgrading, confirm the fix by attempting to access an internal resource through the CometVisu proxy endpoint; the request should be denied.
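One way to implement the target restriction recommended above, as an added example in Python and not code from openHAB or the CometVisu add-on: the hostnames in ALLOWED_HOSTS, the FAKE_DNS table and the function names are constructed assumptions. It goes a step beyond a plain domain list by resolving each allowed name and refusing any host that has even one non-public address, which is the case a name-only allowlist misses.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed allowlist (assumption): the only hosts the proxy may fetch from.
ALLOWED_HOSTS = {"weather.example.com", "icons.example.org"}
# Constructed DNS table (assumption) so the example runs offline; a name that
# also has an internal record is exactly the case the check must catch.
FAKE_DNS = {"weather.example.com": {"93.184.216.34"},
            "icons.example.org": {"93.184.216.35", "10.0.0.5"}}

def resolve(host):
    """Resolve a name to every address it maps to (real DNS via the stdlib)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_public_address(text):
    """True only for a globally routable unicast address; anything odd is rejected."""
    try:
        ip = ipaddress.ip_address(text.split("%", 1)[0])  # drop an IPv6 scope id
    except ValueError:
        return False
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # judge ::ffff:10.0.0.5 as 10.0.0.5
    return ip.is_global and not ip.is_multicast

def check_proxy_target(url, allowed_hosts=ALLOWED_HOSTS, resolver=resolve):
    """Deny-by-default decision for a proxy target; returns (allowed, reason)."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "unparseable URL"
    host = parts.hostname  # lower-cased, IPv6 brackets and port stripped
    if parts.scheme not in ("http", "https"):
        return False, "scheme %r not allowed" % parts.scheme
    if parts.username is not None or parts.password is not None:
        return False, "userinfo not allowed"
    if not host or host not in allowed_hosts:
        return False, "host %r not in allowlist" % host
    try:
        addresses = resolver(host)
    except (OSError, KeyError):
        return False, "name resolution failed"
    # Every record must be public: one internal A record is enough to reach
    # the inside, and the caller must connect to an address checked here.
    for address in addresses:
        if not is_public_address(address):
            return False, "%s resolves to non-public address %s" % (host, address)
    return True, "ok"
```

Pass `resolver=FAKE_DNS.__getitem__` to try it offline. In production, connect to the address validated here rather than resolving the name a second time, otherwise a DNS change between the check and the fetch (rebinding) bypasses it.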
Update the openHAB CometVisu add-on to version 4.2.1 or higher. This update fixes the SSRF and XSS vulnerabilities present in previous versions. You can update the add-on through the openHAB administration interface.
CVE-2024-42467 is a critical SSRF vulnerability in openHAB's CometVisu add-on, allowing attackers to make unauthorized requests to internal servers. It affects versions before 4.2.1.
Yes, if you are running openHAB CometVisu versions prior to 4.2.1, you are vulnerable to SSRF attacks.
Upgrade openHAB to version 4.2.1 or later to patch the vulnerability. Consider temporary workarounds like WAF rules and network restrictions if immediate upgrade is not possible.
While active exploitation is not currently confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of exploitation attempts.
Refer to the official openHAB security advisory for detailed information and updates: [https://www.openhab.org/docs/security/](https://www.openhab.org/docs/security/)