{"id":"GHSA-rmxg-6qqf-x8mr","summary":"GeoNode Server Side Request forgery","details":"### Summary\nA server side request forgery vuln was found within geonode when testing on a bug bounty program. Server side request forgery allows a user to request information on the internal service/services.\n\n### Details\nThe endpoint /proxy/?url= does not properly protect against SSRF. when using the following format you can request internal hosts and display data. /proxy/?url=http://169.254.169.254\\@whitelistedIPhere. This will state wether the AWS internal IP is alive. If you get a 404, the host is alive. A non alive host will not display a response. To display metadata, use a hashfrag on the url /proxy/?url=http://169.254.169.254\\@#whitelisteddomain.com or try   /proxy/?url=http://169.254.169.254\\@%23whitelisteddomain.com\n\n### Impact\nPort scan internal hosts, and request information from internal hosts.\n","aliases":["CVE-2023-40017","PYSEC-2023-269"],"modified":"2024-11-21T22:39:12.140940Z","published":"2024-11-21T22:22:03Z","related":["CVE-2023-40017"],"database_specific":{"nvd_published_at":"2023-08-24T23:15:09Z","cwe_ids":["CWE-918"],"github_reviewed":true,"github_reviewed_at":"2024-11-21T22:22:03Z","severity":"HIGH"},"references":[{"type":"WEB","url":"https://github.com/GeoNode/geonode/security/advisories/GHSA-rmxg-6qqf-x8mr"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-40017"},{"type":"WEB","url":"https://github.com/GeoNode/geonode/commit/a9eebae80cb362009660a1fd49e105e7cdb499b9"},{"type":"PACKAGE","url":"https://github.com/GeoNode/geonode"},{"type":"WEB","url":"https://github.com/pypa/advisory-database/tree/main/vulns/geonode/PYSEC-2023-269.yaml"}],"affected":[{"package":{"name":"geonode","ecosystem":"PyPI","purl":"pkg:pypi/geonode"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.2.0"},{"fixed":"4.2.0"}]}],"versions":["3.2.0","3.2.1","3.2.2","3.2.3","3.2.3.post1","3.2.4","3.3.0","3.3.1","3.3.1.post1","3.3.2","3.3.2.post1","3.3.2.post2","3.3.3","4.0.0","4.0.0.post1","4.0.0rc0","4.0.0rc1","4.0.1","4.0.2","4.0.3","4.1.0","4.1.1","4.1.2","4.1.3","4.1.3.post1","4.1.4","4.1.5"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-rmxg-6qqf-x8mr/GHSA-rmxg-6qqf-x8mr.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}