OpenMetadata.JwtFilter.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability in OpenMetadata.
The vulnerability is due to a lack of proper validation of user-supplied input. An unauthenticated attacker can exploit this with a crafted request to bypass a JWT Token check which can lead to Remote Code Execution.
Affected Products
OPenMetadata prior to 1.2.4
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://docs.open-metadata.org/v1.2.x/releases
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2024-04-24 | 27.774 |