2.5.0
2.5.0
CVE-2024-45479 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in the Edit Service Page of the Apache Ranger UI. This flaw allows unauthenticated attackers to potentially access internal resources and sensitive data within the Ranger environment. The vulnerability impacts versions of Apache Ranger up to and including 2.4.0, and a fix is available in version 2.5.0.
The SSRF vulnerability in Apache Ranger's UI presents a significant risk. An attacker could leverage this to scan internal networks, access cloud metadata services (e.g., AWS, Azure, GCP), and potentially exfiltrate sensitive data stored within Ranger's configuration or accessed by its policies. Successful exploitation could lead to unauthorized access to internal systems and compromise the confidentiality and integrity of data managed by Ranger. The impact is amplified if Ranger is used to manage access control for other critical systems, as an attacker could potentially use this vulnerability to gain broader access.
CVE-2024-45479 was publicly disclosed on January 22, 2025. The vulnerability's SSRF nature makes it potentially attractive to attackers seeking to map internal networks and identify other exploitable targets. There are currently no known public proof-of-concept exploits, but the ease of exploitation inherent in SSRF vulnerabilities suggests that one may emerge. It is not currently listed on the CISA KEV catalog.
Organizations heavily reliant on Apache Ranger for centralized security policy management and access control are particularly at risk. Environments with Ranger integrated with cloud platforms (AWS, Azure, GCP) are also vulnerable, as the SSRF vulnerability could be used to access cloud metadata and potentially compromise cloud resources. Any deployment of Apache Ranger versions 2.4.0 or earlier is considered at risk.
• java / server:
ps -ef | grep ranger• java / server:
journalctl -u ranger-service -f | grep "Edit Service Page"• generic web:
curl -I http://<ranger_server>/ui/edit-service -v• generic web:
grep -r "Edit Service Page" /var/log/apache2/access.logdisclosure
漏洞利用状态
EPSS
0.29% (52% 百分位)
CVSS 向量
The primary mitigation for CVE-2024-45479 is to upgrade Apache Ranger to version 2.5.0 or later, which contains the fix. If an immediate upgrade is not feasible, consider implementing temporary workarounds such as restricting network access to the Ranger UI to trusted sources only. Firewall rules can be configured to limit outbound connections from the Ranger UI to only necessary internal services. Regularly review Ranger's access control policies to ensure they are appropriately configured and minimize the potential impact of a successful SSRF attack. After upgrade, confirm the vulnerability is resolved by attempting to access an internal resource through the Edit Service Page and verifying that the request is denied.
将 Apache Ranger 升级到 2.5.0 或更高版本。此版本修复了服务编辑页面中的 SSRF 漏洞。升级将降低攻击者利用此漏洞从服务器发起未经授权请求的风险。
漏洞分析和关键警报直接发送到您的邮箱。
CVE-2024-45479 is a critical SSRF vulnerability affecting Apache Ranger UI versions up to 2.4.0, allowing attackers to potentially access internal resources.
Yes, if you are running Apache Ranger version 2.4.0 or earlier, you are vulnerable to this SSRF vulnerability.
Upgrade Apache Ranger to version 2.5.0 or later to resolve the vulnerability. Consider temporary workarounds like restricting network access if immediate upgrade is not possible.
While no public exploits are currently known, the SSRF nature of the vulnerability suggests potential for exploitation.
Refer to the Apache Ranger security advisories on the Apache project website for the latest information and updates.
上传你的 pom.xml 文件,立即知道是否受影响。