This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Coolify (v4.0.0-beta.361 and earlier) suffers from **Broken Access Control**. <br>π₯ **Consequences**: Any authenticated user can attach **any existing private key** from the instance to their own servers.β¦
π‘οΈ **Root Cause**: **CWE-862: Missing Authorization**. <br>β **Flaw**: The system fails to verify if the requesting user has permission to use specific private keys. It allows unauthorized association of resources.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: **Coolify** by coollabsio. <br>π **Versions**: All versions **before 4.0.0-beta.361**. <br>π **Type**: Open-source, self-hosted Heroku/Netlify/Vercel alternative.
Q4What can hackers do? (Privileges/Data)
π΅οΈ **Hacker Actions**: <br>1. **Privilege Escalation**: Gain access to sensitive infrastructure keys. <br>2. **Data Theft**: Use stolen keys to access other servers/services. <br>3.β¦
π **Threshold**: **LOW**. <br>β **Auth Required**: Yes, the attacker must be an **authenticated user**. <br>βοΈ **Config**: No special config needed. Just valid login credentials.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π£ **Public Exploit**: **No**. <br>π **Status**: No PoC or wild exploitation code found in the provided data. <br>π **Reference**: See GitHub Advisory GHSA-3w2c-jfr2-9pg9.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: <br>1. Check your Coolify version. <br>2. If < **4.0.0-beta.361**, you are vulnerable. <br>3. Audit user permissions and private key associations in the dashboard.
β οΈ **Urgency**: **HIGH**. <br>π₯ **Priority**: **Immediate Action Required**. <br>π **Risk**: CVSS Score indicates High impact on Confidentiality, Integrity, and Availability. Do not delay patching.