Budibase
CVE-2023-29010
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Budibase is a low code platform for creating internal tools, workflows, and admin panels. Versions prior to 2.4.3 (07 March 2023) are vulnerable to Server-Side Request Forgery. This can lead to an attacker gaining access to a Budibase AWS secret key. Users of Budibase cloud need to take no action. Self-host users who run Budibase on the public internet and are using a cloud provider that allows HTTP access to metadata information should ensure that when they deploy Budibase live, their internal metadata endpoint is not exposed.
AnalysisAI
Budibase is a low code platform for creating internal tools, workflows, and admin panels. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
Technical ContextAI
This vulnerability is classified as Server-Side Request Forgery (SSRF) (CWE-918), which allows attackers to make the server perform requests to unintended internal or external resources. Budibase is a low code platform for creating internal tools, workflows, and admin panels. Versions prior to 2.4.3 (07 March 2023) are vulnerable to Server-Side Request Forgery. This can lead to an attacker gaining access to a Budibase AWS secret key. Users of Budibase cloud need to take no action. Self-host users who run Budibase on the public internet and are using a cloud provider that allows HTTP access to metadata information should ensure that when they deploy Budibase live, their internal metadata endpoint is not exposed. Affected products include: Budibase. Version information: prior to 2.4.3.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Validate and allowlist destination URLs, block requests to internal networks, use network segmentation.
Unauthorized data access in Budibase low-code platform before 3.30.4 allows unauthenticated users to manipulate internal
Authorization bypass in Budibase 3.31.4 and earlier. The authorized() middleware can be bypassed, enabling injection att
Budibase is a low code platform for creating internal tools, workflows, and admin panels. [CVSS 8.8 HIGH]
Improper Control of Dynamically-Managed Code Resources in GitHub repository budibase/budibase prior to 1.3.20. Rated med
Path traversal in Budibase low-code platform 3.31.5 and earlier allows attackers to read arbitrary files through the app
Server-Side Request Forgery (SSRF) in Budibase's REST datasource connector (versions prior to 3.33.4) allows authenticat
Authentication bypass in Budibase low-code platform (versions prior to 3.35.4) allows remote unauthenticated attackers t
Remote code execution in Budibase versions prior to 3.33.4 allows unauthenticated attackers to execute arbitrary Bash co
Arbitrary file upload in Budibase 3.24.0 and earlier allows authenticated attackers to bypass UI-level file extension re
Budibase suffers from missing server-side role validation in user management APIs, allowing Creator-level users to escal
Remote code execution in Budibase low-code platform versions prior to 3.33.4 enables authenticated attackers to execute
Stored cross-site scripting (XSS) in Budibase's Builder Command Palette (versions prior to 3.32.5) enables authenticated
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today