CVE-2024-37155: OpenCTI May Bypass Introspection Restriction
The regex validation used to prevent Introspection queries can be bypassed by removing the extra whitespace, carriage return, and line feed characters from the query.
References
- github.com/OpenCTI-Platform/opencti/blob/6343b82b0b0a5d3ded3b30d08ce282328a556268/opencti-platform/opencti-graphql/src/graphql/graphql.js
- github.com/OpenCTI-Platform/opencti/commit/f87d96918c63b0c3d3ebfbea6c789d48e2f56ad5
- github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-4mvw-j8r9-xcgc
- github.com/advisories/GHSA-4mvw-j8r9-xcgc
- github.com/pypa/advisory-database/tree/main/vulns/pycti/PYSEC-2024-313.yaml
- nvd.nist.gov/vuln/detail/CVE-2024-37155
Code Behaviors & Features
Detect and mitigate CVE-2024-37155 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →