{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/open-webui-formerly-ollama-webui-0.1.105/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Open WebUI (Formerly Ollama WebUI) 0.1.105"],"_cs_severities":["high"],"_cs_tags":["authorization","web-application","vulnerability"],"_cs_type":"advisory","_cs_vendors":["Open WebUI"],"content_html":"\u003cp\u003eOpen WebUI, formerly Ollama WebUI, version 0.1.105, suffers from an improper authorization control vulnerability. This flaw allows users with a \u0026lsquo;pending\u0026rsquo; status to bypass intended restrictions and make authenticated API calls as if they were authorized \u0026lsquo;user\u0026rsquo; roles. The vulnerability arises because the application\u0026rsquo;s API endpoints do not adequately validate the user\u0026rsquo;s role, relying solely on the presence of a valid JWT for authentication, while neglecting to verify the user\u0026rsquo;s assigned role. The vulnerability was discovered by Taylor Pennington of KoreLogic, Inc. This issue allows unapproved users to access sensitive data and functionality.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker registers a new user account on the Open WebUI platform with \u003ccode\u003enew sign-ups\u003c/code\u003e enabled. The new account is automatically assigned a \u003ccode\u003epending\u003c/code\u003e status.\u003c/li\u003e\n\u003cli\u003eThe application generates a JWT for the new user, despite their \u003ccode\u003epending\u003c/code\u003e status, and returns it to the attacker.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts an HTTP GET request to the \u003ccode\u003e/ollama/api/tags\u003c/code\u003e endpoint, including the JWT in the \u003ccode\u003eAuthorization\u003c/code\u003e header.\u003c/li\u003e\n\u003cli\u003eThe Open WebUI server receives the request and validates the JWT using the \u003ccode\u003eget_current_user\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eget_current_user\u003c/code\u003e function only checks the validity of the JWT but does not verify the user\u0026rsquo;s role, thus allowing the request to proceed.\u003c/li\u003e\n\u003cli\u003eThe server retrieves a list of available models without properly validating the user\u0026rsquo;s authorization.\u003c/li\u003e\n\u003cli\u003eThe server returns the list of available models in the HTTP response to the attacker.\u003c/li\u003e\n\u003cli\u003eThe attacker can now access other regular user accessible endpoints.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows unauthorized users to access sensitive information such as available models and potentially other resources intended only for authorized users. This could lead to information disclosure, unauthorized use of resources, and further compromise of the system. This issue affects Open WebUI installations that have enabled new user sign-ups without properly verifying user roles, potentially impacting all users on the platform.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Open WebUI API Access by Pending User\u0026rdquo; to your SIEM to identify unauthorized API access attempts from users with a \u003ccode\u003epending\u003c/code\u003e role based on HTTP request headers and response codes.\u003c/li\u003e\n\u003cli\u003eApply the patch recommended by Open WebUI to utilize the \u003ccode\u003eget_verified_user()\u003c/code\u003e function instead of \u003ccode\u003eget_current_user()\u003c/code\u003e in all authenticated endpoints to enforce proper authorization checks as described in the Mitigation Recommendation section.\u003c/li\u003e\n\u003cli\u003eMonitor user registration requests to \u003ccode\u003e/api/v1/auths/signup\u003c/code\u003e using the \u0026ldquo;Detect Open WebUI User Registration\u0026rdquo; Sigma rule to track account creation attempts and potential abuse.\u003c/li\u003e\n\u003cli\u003eInvestigate and revoke any JWTs associated with \u003ccode\u003epending\u003c/code\u003e user accounts to prevent unauthorized access using the email IOC.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-07-03T12:00:00Z","date_published":"2024-07-03T12:00:00Z","id":"/briefs/2024-07-open-webui-auth-bypass/","summary":"Open WebUI version 0.1.105 is vulnerable to an improper authorization control issue, where user accounts with a `pending` status can bypass authorization checks and make authenticated API calls as a `user` context due to the application failing to properly validate the user's role beyond JWT validation.","title":"Open WebUI Improper Authorization Control Vulnerability","url":"https://feed.craftedsignal.io/briefs/2024-07-open-webui-auth-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Open WebUI (Formerly Ollama WebUI) 0.1.105","version":"https://jsonfeed.org/version/1.1"}