Vulnerability Description
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. By manually manipulating http requests when using the draw.io integration it is possible to read arbitrary files as the configured system user and SSRF. The problem is fixed in version 18.1.6 and 18.2.2. It is advised to upgrade to the latest version of 18.1.x or 18.2.x. Users unable to upgrade may work around this issue by disabling the Draw.io module or the entire REST API which will secure the system.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Frentix | Openolat | < 18.1.6 |
Related Weaknesses (CWE)
References
- https://github.com/OpenOLAT/OpenOLAT/commit/23e6212e9412c3b099436159b8c8935321c9Patch
- https://github.com/OpenOLAT/OpenOLAT/security/advisories/GHSA-pqvm-h9mg-434cVendor Advisory
- https://track.frentix.com/issue/OO-7553/XXE-injection-in-draw.io-endpointBroken Link
- https://github.com/OpenOLAT/OpenOLAT/commit/23e6212e9412c3b099436159b8c8935321c9Patch
- https://github.com/OpenOLAT/OpenOLAT/security/advisories/GHSA-pqvm-h9mg-434cVendor Advisory
- https://track.frentix.com/issue/OO-7553/XXE-injection-in-draw.io-endpointBroken Link
FAQ
What is CVE-2024-28198?
CVE-2024-28198 is a vulnerability with a CVSS score of 4.6 (MEDIUM). OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. By manually manipulating http requests when using the draw.io integration it is possible ...
How severe is CVE-2024-28198?
CVE-2024-28198 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-28198?
Check the references section above for vendor advisories and patch information. Affected products include: Frentix Openolat.