This is a summary of the AI-generated 10-question deep analysis.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: OpenMetadata's JWT Filter has a logic flaw. It skips validation for excluded endpoints. **Consequences**: Attackers can bypass authentication entirely.…
**Threshold**: **LOW**. **Network**: Attackable remotely (AV:N). **Auth**: **None required** (PR:N) due to bypass. **UI**: No user interaction needed (UI:N). **Complexity**: Low (AC:L). Easy to exploit!
Q6 Is there a public Exp? (PoC/Wild Exploitation)
**Public Exp**: **YES**. **PoC**: Available on GitHub (YongYe-Security). **Scanner**: Nuclei templates exist. **Wild Exp**: Batch scanning tools are active. **Warning**: Tool is for security testing only!
Q7 How to self-check? (Features/Scanning)
**Self-Check**: Use **Nuclei** with CVE-2024-28255 template. **Python**: Run the specific PoC script. **Scan**: Look for the path parameter bypass pattern.…
**Fixed**: **YES**. **Patch**: Upgrade to **OpenMetadata v1.2.4** or later. **Resolution**: The filter logic was corrected to validate JWT properly. **Published**: March 15, 2024.…
**No Patch?**: **No known workarounds**. **Limitation**: Cannot simply block IPs or use WAF rules easily due to path manipulation. **Advice**: If you can't patch, isolate the service.…