Skip to content

SSRF exploit in flyteconsole

Critical
EngHabu published GHSA-www6-hf2v-v9m9 May 6, 2022

Package

flyteconsole (flyte)

Affected versions

all

Patched versions

V0.52.0

Description

Impact

Vulnerability type: server-side request forgery or SSRF
Every user of Flyte, where FlyteConsole is open to general internet is vulnerable to attack where the attacker can access the internal metadata server or other unauthenticated urls. It also passes the headers along, which can be very dangerous.

Patches

The patch deletes the entire cors_proxy as this is not required for console anymore.
The patch has been merged and and released. #389

Also, all previous versions of flyteconsole have been yanked and deleted.

Users should upgrade to flyteconsole v0.52.0 or later.
This is published as an image available here: https://github.com/orgs/flyteorg/packages/container/flyteconsole/19114769?tag=v0.52.0

Workarounds

Disable Flyteconsole availability on the internet

References

Not yet

For more information

If you have any questions or comments about this advisory:

Severity

Critical

CVE ID

CVE-2022-24856

Weaknesses

No CWEs

Credits