This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: A critical flaw in Coolify allows low-privilege users to access root user SSH private keys. π **Consequences**: Complete system compromise.β¦
π **Auth Required**: Yes, but **Low** privilege. π **Threshold**: Low. An attacker only needs basic access to the Coolify interface. πΆ **Config**: No complex configuration needed. Just valid low-level credentials. β‘
Q6Is there a public Exp? (PoC/Wild Exploitation)
π **Public Exp**: No specific PoC code provided in the data. π **Status**: Advisory published (GHSA-qwxj-qch7-whpc). π΅οΈ **Risk**: High likelihood of wild exploitation due to simplicity (just reading a file/key). β οΈ
Q7How to self-check? (Features/Scanning)
π **Check**: Verify your Coolify version. π **Scan**: Look for unauthorized access to SSH key storage endpoints. π‘οΈ **Audit**: Check if low-privilege users can retrieve root credentials via API or UI. π¨
Q8Is it fixed officially? (Patch/Mitigation)
π§ **Fix**: Upgrade to a version **newer than** v4.0.0-beta.434. π’ **Source**: Official GitHub Security Advisory (GHSA-qwxj-qch7-whpc). β **Action**: Immediate update recommended by vendor. π
Q9What if no patch? (Workaround)
π§ **Workaround**: Restrict low-privilege user permissions strictly. π **Mitigation**: Disable SSH key exposure in UI/API if possible. π **Isolate**: Segregate critical root keys from the application layer. π§±
Q10Is it urgent? (Priority Suggestion)
π₯ **Priority**: **CRITICAL**. π¨ **Urgency**: Immediate action required. CVSS Score indicates High impact (C:H, I:H, A:H). π **Risk**: Root compromise is game-over for most servers. πββοΈ