CVE-2024-4177: SSRF Vulnerability Patched in Bitdefender GravityZone Console On-Premise
Bitdefender, a leading cybersecurity provider, has addressed a high-severity vulnerability (CVE-2024-4177, CVSS 8.1) in its GravityZone Console On-Premise product. The flaw, discovered by security researcher Nicolas Verdier (n1nj4sec), allows server-side request forgery (SSRF): an attacker can make the console's proxy service issue requests to destinations of the attacker's choosing, which can expose internal services and data that are not meant to be reachable from outside.
GravityZone Console is Bitdefender's centralized security management platform, providing a single interface for monitoring and managing security across endpoints, networks, and cloud environments. It is offered both as a Bitdefender-hosted cloud service and as an on-premise deployment; the vulnerability affects only the on-premise versions of the GravityZone Console prior to version 6.38.1-2.
The issue arises from a flaw in the host whitelist parser within the console's proxy service. The whitelist is meant to restrict which hosts the proxy will forward requests to; because of the parsing flaw, an attacker can cause the proxy to send requests to unintended destinations, potentially causing the server to initiate actions on internal systems or disclose sensitive information. Host whitelist checks are a frequent weak point in proxies generally: if the check matches a permitted name as a string prefix or substring rather than comparing the exactly parsed hostname, a URL whose authority merely contains the permitted name can pass the check while the request is actually sent elsewhere. SSRF flaws of this kind are particularly dangerous in a security management console because the server typically sits inside the network perimeter, so they can be leveraged to bypass network-level controls and reach internal systems that are otherwise unreachable.
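To make the failure mode concrete, here is a constructed Python example added for this article. It is not Bitdefender's code and does not reproduce the specific parser bug in CVE-2024-4177 (the details of which are not described here); it contrasts a generic prefix-matching host whitelist with one that parses the URL and compares the exact hostname. The whitelist entries, sample URLs and function names are all assumptions made for the illustration.

```python
"""
Constructed example: two ways a proxy might check a requested URL against a
host whitelist, and inputs that slip past the weak one. Hypothetical code,
not Bitdefender's implementation.
"""
from urllib.parse import urlsplit

# Constructed whitelist: the only hosts the proxy should fetch from.
WHITELIST = {"updates.example.com", "mirror.example.org"}

# Constructed inputs: two legitimate URLs and three SSRF-style bypass attempts.
SAMPLE_URLS = [
    "http://updates.example.com/catalog.xml",
    "https://UPDATES.example.com/catalog.xml",
    "http://updates.example.com.attacker.net/",               # subdomain of attacker host
    "http://updates.example.com@169.254.169.254/latest/meta-data/",  # userinfo trick
    "http://updates.example.com:8080/",                       # unexpected port
]


def is_allowed_naive(url: str) -> bool:
    """Weak check (hypothetical): strip the scheme and accept if the remainder
    starts with a whitelisted name. The whitelisted name being *present* is
    mistaken for it being *the host that will be contacted*."""
    rest = url.split("://", 1)[-1]
    return any(rest.startswith(host) for host in WHITELIST)


def is_allowed_strict(url: str) -> bool:
    """Hardened check: parse the URL properly, require http(s), refuse
    userinfo (the part before '@'), restrict the port, and compare the
    normalized hostname exactly against the whitelist."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    if parts.username is not None or parts.password is not None:
        return False
    host = parts.hostname  # lowercased, IPv6 brackets and userinfo removed
    if not host:
        return False
    try:
        port = parts.port  # raises ValueError for malformed ports such as "80x"
    except ValueError:
        return False
    if port not in (None, 80, 443):
        return False
    return host.rstrip(".") in WHITELIST


def compare(urls=SAMPLE_URLS):
    """Return (url, naive_verdict, strict_verdict) for each constructed input."""
    return [(u, is_allowed_naive(u), is_allowed_strict(u)) for u in urls]


if __name__ == "__main__":
    for url, naive, strict in compare():
        print(f"naive={str(naive):5}  strict={str(strict):5}  {url}")
```

The naive check accepts the subdomain and userinfo bypasses (the proxy would contact attacker.net or the 169.254.169.254 metadata address while believing it is talking to updates.example.com) and, because it compares raw strings, also rejects a legitimate URL whose host is written in upper case. The strict version decides on the hostname the HTTP client will actually connect to. Exact hostname matching still does not cover a whitelisted name that resolves to an internal address (DNS rebinding); a proxy that must defend against that has to check the resolved address at connection time as well.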
Bitdefender has addressed the issue by releasing version 6.38.1-2 of GravityZone Console On-Premise as an automatic update. Administrators of on-premise deployments should confirm that their console has actually received the update and reports version 6.38.1-2 or later, rather than assuming the automatic mechanism has run, and should apply it manually without delay where it has not.