Description
OpenMetadata suffers from an authentication bypass due to a JWT filter vulnerability. Attackers can manipulate path parameters to skip JWT validation, leading to unauthorized access to arbitrary endpoints, including those vulnerable to SpEL expression injection.
Remediation
Upgrade to OpenMetadata version 1.2.4 or later.
References
Related Vulnerabilities
Oracle JRE CVE-2012-0499 Vulnerability (CVE-2012-0499)
WordPress Plugin User Rights Access Manager Security Bypass (1.0.5)
PHP Other Vulnerability (CVE-2006-4023)
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35152)