Critical Vulnerability Information

Vulnerability Overview

- Title: Mautic does not shield .env files from web traffic
- Severity: Medium (5.1/10)
- CVE ID: CVE-2024-47056

CVSS v3 Base Metrics:

- Attack Vector: Local
- Attack Complexity: Low
- Required Privileges: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality: Low
- Integrity: None
- Availability: Low

Affected and Fixed Versions

- Affected Versions: > 4.4
- Fixed Versions: 6.0.2, 5.2.6, 4.4.16

Description

Summary: Mautic contains a security vulnerability where sensitive .env configuration files may be directly accessed via a web browser. This could lead to exposure of sensitive information, including database credentials, API keys, and other critical system configurations.

Detailed Description: Due to the absence of web server configuration restrictions for such files, .env files (typically containing environment variables and sensitive application configurations) can be directly accessed through a web browser. Unauthorized attackers can simply navigate to the file’s URL to view its contents.

Mitigation Measures

- Update Mautic: Upgrade to the latest version.
- Default Settings: By default, Mautic does not use .env files for production data.
- Apache Users: Ensure the web server configuration respects .htaccess files.
- Nginx Users: Add the following to your Nginx configuration to deny access to .env files:

After modifying the Nginx configuration, remember to reload or restart the Nginx service to apply the changes.
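
One way to confirm, after the upgrade or the web server reload, that a Mautic instance you operate no longer serves its .env file. This is an added example and not part of the Mautic advisory; the function names, the result labels and the `KEY=value` heuristic are assumptions made for illustration.

```python
import re
import sys
import urllib.error
import urllib.request

# A dotenv assignment line: KEY=value, optionally prefixed with "export ".
_DOTENV_LINE = re.compile(r"^\s*(?:export\s+)?[A-Za-z_][A-Za-z0-9_]*\s*=", re.M)


def looks_like_dotenv(body: str) -> bool:
    """True if the body is not markup and has at least one KEY=value line."""
    if body.lstrip().startswith("<"):   # HTML/XML error page, not a dotenv file
        return False
    return bool(_DOTENV_LINE.search(body))


def classify(status: int, body: str) -> str:
    """Map the HTTP answer for the .env URL to BLOCKED, EXPOSED or REVIEW."""
    if status in (403, 404):
        return "BLOCKED"                # the deny rule or .htaccess is in effect
    if 200 <= status < 300 and looks_like_dotenv(body):
        return "EXPOSED"                # file content reached the client
    # 200 with an error page, an empty body, 5xx: needs a human look.
    return "REVIEW"


def check(base_url: str, path: str = "/.env", timeout: float = 5.0) -> str:
    """Request base_url + path on your own server and classify the response."""
    url = base_url.rstrip("/") + path
    req = urllib.request.Request(url, headers={"User-Agent": "dotenv-exposure-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = resp.read(65536).decode("utf-8", "replace")
            return classify(resp.status, body)
    except urllib.error.HTTPError as err:   # urllib raises on 4xx/5xx
        return classify(err.code, "")
    except (urllib.error.URLError, OSError):
        return "UNREACHABLE"


if __name__ == "__main__":
    # Usage: python check_dotenv.py https://mautic.example.com  (placeholder host)
    result = check(sys.argv[1])
    print(result)
    sys.exit(0 if result == "BLOCKED" else 1)
```

The non-zero exit code on anything other than `BLOCKED` lets the check run as a post-deployment step that fails the pipeline when the file is still reachable.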