CVE-2024-12867 - Vulnerability Details - OpenCVE

Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact Low

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://www.arcticsecurity.com/security/vulnerability-note-2024-12-20

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00126}`	epss `{'score': 0.00135}`

Tue, 24 Dec 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 20 Dec 2024 19:30:00 +0000

Type	Values Removed	Values Added
Description		Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data.
Title		Server-Side Request Forgery in Arctic Hub URL Mapper allows an unauthenticated remote attacker to exfiltrate and modify configurations and data
Weaknesses		CWE-918
References		https://www.arcticsecurity.com/security/vulnerability-note-2024-12-20
Metrics		cvssV4_0 `{'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Amber'}`

MITRE

Status: PUBLISHED

Assigner: NCSC-FI

Published: 2024-12-20T19:19:43.985Z

Updated: 2024-12-24T16:59:02.357Z

Reserved: 2024-12-20T19:11:54.846Z

Link: CVE-2024-12867

Vulnrichment

Updated: 2024-12-24T16:58:56.885Z

NVD

Status : Received

Published: 2024-12-20T20:15:22.740

Modified: 2024-12-20T20:15:22.740

Link: CVE-2024-12867

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12867", "assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "state": "PUBLISHED", "assignerShortName": "NCSC-FI", "dateReserved": "2024-12-20T19:11:54.846Z", "datePublished": "2024-12-20T19:19:43.985Z", "dateUpdated": "2024-12-24T16:59:02.357Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["URL Mapper"], "platforms": ["Linux"], "product": "Arctic Hub", "vendor": "Arctic Security", "versions": [{"lessThanOrEqual": "5.5.1872", "status": "affected", "version": "3.0.1764", "versionType": "rpm"}, {"status": "unaffected", "version": "5.6.1877", "versionType": "rpm"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "You are vulnerable if <br>- you are running Arctic Hub version 3.0.1764 - 5.5.1872<br>- and you have the \u201cexternal_base_url\u201d configured for external access in /var/lib/arcsec-hub/config.yml<br>- and the configured URL space is accessible by a potential attacker<br>"}], "value": "You are vulnerable if \n- you are running Arctic Hub version 3.0.1764 - 5.5.1872\n- and you have the \u201cexternal_base_url\u201d configured for external access in /var/lib/arcsec-hub/config.yml\n- and the configured URL space is accessible by a potential attacker"}], "credits": [{"lang": "en", "type": "finder", "value": "Bob Van der Smissen"}, {"lang": "en", "type": "reporter", "value": "'Hack the Government' ethical hacking event hosted by the Centre for Cybersecurity Belgium (CCB)"}], "datePublic": "2024-12-12T14:50:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data."}], "value": "Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There have been no reports of attempts to exploit the vulnerability."}], "value": "There have been no reports of attempts to exploit the vulnerability."}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}, {"capecId": "CAPEC-25", "descriptions": [{"lang": "en", "value": "CAPEC-25 Forced Deadlock"}]}, {"capecId": "CAPEC-36", "descriptions": [{"lang": "en", "value": "CAPEC-36 Using Unpublished Interfaces or Functionality"}]}, {"capecId": "CAPEC-64", "descriptions": [{"lang": "en", "value": "CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.8, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "shortName": "NCSC-FI", "dateUpdated": "2024-12-20T19:19:43.985Z"}, "references": [{"url": "https://www.arcticsecurity.com/security/vulnerability-note-2024-12-20"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: transparent;\">Upgrade Arctic Hub to version 5.6.1877 or above.</span><br>"}], "value": "Upgrade Arctic Hub to version 5.6.1877 or above."}], "source": {"discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2024-12-06T10:00:00.000Z", "value": "Arctic Security received a report about a DoS vulnerability in the URL Mapper API."}, {"lang": "en", "time": "2024-12-09T07:00:00.000Z", "value": "Arctic Security R&D team was able to replicate the DoS vulnerability. The team discovered the root cause of the DoS issue and implemented a fix on the same day."}, {"lang": "en", "time": "2024-12-10T12:00:00.000Z", "value": "Arctic Security R&D team continued internal investigation based on the reported vulnerability and found out a way to expand it from the DoS to a SSRF. The team identified the root cause for the SSRF and started to work on a fix. The fix was finalized later on the same day."}, {"lang": "en", "time": "2024-12-11T19:00:00.000Z", "value": "Arctic Security R&D team implemented a helper tool to assist users by 1) Implementing a hotfix to any of the earlier vulnerable versions so that users who are not able to upgrade right away can have a temporary solution. 2) By helping users to check for any suspicious activity in their logs related to the vulnerability."}, {"lang": "en", "time": "2024-12-12T14:50:00.000Z", "value": "Arctic Security released Arctic Hub 5.6.1877 containing the fix, along with a release note to explain the vulnerability. An access link to the helper tool was provided as part of the release note."}, {"lang": "en", "time": "2024-12-13T13:00:00.000Z", "value": "After getting confirmation from CCB that no duplicate CVE entry has been made, Arctic Security requested a CVE number from its local CNA, the National Cyber Security Centre Finland (NCSC-FI)."}], "title": "Server-Side Request Forgery in Arctic Hub URL Mapper allows an unauthenticated remote attacker to exfiltrate and modify configurations and data", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: transparent;\">If upgrading is not possible, apply the hotfix as instructed in the version 5.6.1877 release note which was distributed to all Arctic Hub users on 12th of December 2024.</span><br>"}], "value": "If upgrading is not possible, apply the hotfix as instructed in the version 5.6.1877 release note which was distributed to all Arctic Hub users on 12th of December 2024."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-24T16:58:19.345997Z", "id": "CVE-2024-12867", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-24T16:59:02.357Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12867", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-24T16:58:19.345997Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-24T16:58:56.885Z"}}], "cna": {"title": "Server-Side Request Forgery in Arctic Hub URL Mapper allows an unauthenticated remote attacker to exfiltrate and modify configurations and data", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Bob Van der Smissen"}, {"lang": "en", "type": "reporter", "value": "'Hack the Government' ethical hacking event hosted by the Centre for Cybersecurity Belgium (CCB)"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}, {"capecId": "CAPEC-25", "descriptions": [{"lang": "en", "value": "CAPEC-25 Forced Deadlock"}]}, {"capecId": "CAPEC-36", "descriptions": [{"lang": "en", "value": "CAPEC-36 Using Unpublished Interfaces or Functionality"}]}, {"capecId": "CAPEC-64", "descriptions": [{"lang": "en", "value": "CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 8.8, "Automatable": "NO", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Arctic Security", "modules": ["URL Mapper"], "product": "Arctic Hub", "versions": [{"status": "affected", "version": "3.0.1764", "versionType": "rpm", "lessThanOrEqual": "5.5.1872"}, {"status": "unaffected", "version": "5.6.1877", "versionType": "rpm"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "There have been no reports of attempts to exploit the vulnerability.", "supportingMedia": [{"type": "text/html", "value": "There have been no reports of attempts to exploit the vulnerability.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2024-12-06T10:00:00.000Z", "value": "Arctic Security received a report about a DoS vulnerability in the URL Mapper API."}, {"lang": "en", "time": "2024-12-09T07:00:00.000Z", "value": "Arctic Security R&D team was able to replicate the DoS vulnerability. The team discovered the root cause of the DoS issue and implemented a fix on the same day."}, {"lang": "en", "time": "2024-12-10T12:00:00.000Z", "value": "Arctic Security R&D team continued internal investigation based on the reported vulnerability and found out a way to expand it from the DoS to a SSRF. The team identified the root cause for the SSRF and started to work on a fix. The fix was finalized later on the same day."}, {"lang": "en", "time": "2024-12-11T19:00:00.000Z", "value": "Arctic Security R&D team implemented a helper tool to assist users by 1) Implementing a hotfix to any of the earlier vulnerable versions so that users who are not able to upgrade right away can have a temporary solution. 2) By helping users to check for any suspicious activity in their logs related to the vulnerability."}, {"lang": "en", "time": "2024-12-12T14:50:00.000Z", "value": "Arctic Security released Arctic Hub 5.6.1877 containing the fix, along with a release note to explain the vulnerability. An access link to the helper tool was provided as part of the release note."}, {"lang": "en", "time": "2024-12-13T13:00:00.000Z", "value": "After getting confirmation from CCB that no duplicate CVE entry has been made, Arctic Security requested a CVE number from its local CNA, the National Cyber Security Centre Finland (NCSC-FI)."}], "solutions": [{"lang": "en", "value": "Upgrade Arctic Hub to version 5.6.1877 or above.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: transparent;\">Upgrade Arctic Hub to version 5.6.1877 or above.</span><br>", "base64": false}]}], "datePublic": "2024-12-12T14:50:00.000Z", "references": [{"url": "https://www.arcticsecurity.com/security/vulnerability-note-2024-12-20"}], "workarounds": [{"lang": "en", "value": "If upgrading is not possible, apply the hotfix as instructed in the version 5.6.1877 release note which was distributed to all Arctic Hub users on 12th of December 2024.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: transparent;\">If upgrading is not possible, apply the hotfix as instructed in the version 5.6.1877 release note which was distributed to all Arctic Hub users on 12th of December 2024.</span><br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data.", "supportingMedia": [{"type": "text/html", "value": "Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "configurations": [{"lang": "en", "value": "You are vulnerable if \n- you are running Arctic Hub version 3.0.1764 - 5.5.1872\n- and you have the \u201cexternal_base_url\u201d configured for external access in /var/lib/arcsec-hub/config.yml\n- and the configured URL space is accessible by a potential attacker", "supportingMedia": [{"type": "text/html", "value": "You are vulnerable if <br>- you are running Arctic Hub version 3.0.1764 - 5.5.1872<br>- and you have the \u201cexternal_base_url\u201d configured for external access in /var/lib/arcsec-hub/config.yml<br>- and the configured URL space is accessible by a potential attacker<br>", "base64": false}]}], "providerMetadata": {"orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "shortName": "NCSC-FI", "dateUpdated": "2024-12-20T19:19:43.985Z"}}}, "cveMetadata": {"cveId": "CVE-2024-12867", "state": "PUBLISHED", "dateUpdated": "2024-12-24T16:59:02.357Z", "dateReserved": "2024-12-20T19:11:54.846Z", "assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "datePublished": "2024-12-20T19:19:43.985Z", "assignerShortName": "NCSC-FI"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to exfiltrate and modify configurations and data."}], "id": "CVE-2024-12867", "lastModified": "2024-12-20T20:15:22.740", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NO", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "recovery": "USER", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "LOW", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnerabilityResponseEffort": "MODERATE", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "LOW"}, "source": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "type": "Secondary"}]}, "published": "2024-12-20T20:15:22.740", "references": [{"source": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "url": "https://www.arcticsecurity.com/security/vulnerability-note-2024-12-20"}], "sourceIdentifier": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "type": "Secondary"}]}