gchq stroom
cpe:2.3:a:gchq:stroom:*:*:*:*:*:*:*
- >= 7.2-beta.53, < 7.4.4
- >= 7.5-beta.1, < 7.5-beta.2
An authentication bypass has been identified in Stroom versions from 7.2-beta.53 before 7.4.4, and in 7.5-beta.1. It affects deployments configured to use the AWS Application Load Balancer (ALB) Authentication integration whose Stroom instance is also reachable without going through the ALB. In that integration the load balancer performs the login and forwards the authenticated identity to the target in request headers, so a target that can be reached directly cannot rely on the ALB's checks having been applied. The same weakness also exposes a server-side request forgery (SSRF) that could be directed at the AWS instance metadata URL, potentially leading to code execution or privilege escalation.
Exploitation could bypass Stroom's authentication and authorization, giving an unauthorized party access to the application. The SSRF could additionally be used to execute code or escalate privileges by reaching the AWS metadata service.
Users are advised to upgrade to Stroom 7.2.24, 7.3-beta.22, 7.4.4, or 7.5-beta.2. Because the issue depends on Stroom being reachable outside the ALB, deployments using ALB Authentication should also restrict network access to the Stroom instances so that only the load balancer can reach them (for example via security group rules); this limits exposure but does not replace the upgrade.
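How a backend behind ALB authentication should treat the identity it is handed, as an added example written for this page; it is not Stroom's code, and the advisory does not describe Stroom's actual code path. Two facts it relies on are AWS-documented: the ALB forwards the authenticated user to the target as a JWT in the x-amzn-oidc-data header, and the key for checking that token's ES256 signature is published at https://public-keys.auth.elb.<region>.amazonaws.com/<kid>. Everything else (the ALB's subnets, region, load balancer ARN, the key-id pattern, the sample token and the malicious kid) is constructed for the example. It implements the two defences the affected condition points to: refuse identity headers on requests that did not arrive through the ALB, and never let token-controlled fields choose the host the key is fetched from.

```python
"""Vetting ALB-injected identity before trusting it (added example, not Stroom's code)."""
import base64
import ipaddress
import json
import re
import time
from typing import Optional

# Deployment facts the backend knows independently of any request. All values are
# constructed for this example; in a real deployment they come from configuration.
ALB_SOURCE_NETS = (ipaddress.ip_network("10.0.1.0/24"), ipaddress.ip_network("10.0.2.0/24"))
ALB_REGION = "eu-west-2"
EXPECTED_SIGNER = (f"arn:aws:elasticloadbalancing:{ALB_REGION}:123456789012"
                   ":loadbalancer/app/stroom/50dc6c495c0c9188")
# Key ids are opaque; anything carrying URL syntax (/ @ ? # :) is rejected outright.
KID_RE = re.compile(r"^[A-Za-z0-9-]{8,64}$")


def b64url_decode(segment: str) -> bytes:
    # ALB tokens may carry '=' padding inside segments; normalise before decoding.
    stripped = segment.rstrip("=")
    return base64.urlsafe_b64decode(stripped + "=" * (-len(stripped) % 4))


def decode_alb_token(token: str):
    """Split x-amzn-oidc-data into (header, payload, signature) without trusting any of it."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("token must have exactly three segments")
    header = json.loads(b64url_decode(parts[0]))
    payload = json.loads(b64url_decode(parts[1]))
    return header, payload, b64url_decode(parts[2])


def public_key_url(header: dict) -> str:
    """Build the ALB public-key URL from configuration plus a validated kid only.

    The host comes from our own configured region, never from the token, and the signer
    must be the one load balancer we sit behind, so a forged header cannot steer the key
    fetch towards another host such as the instance metadata service.
    """
    if header.get("alg") != "ES256":
        raise ValueError("ALB tokens are always ES256")
    if header.get("signer") != EXPECTED_SIGNER:
        raise ValueError("signer is not our load balancer")
    kid = header.get("kid", "")
    if not KID_RE.fullmatch(kid):
        raise ValueError("kid is not a plain key identifier")
    return f"https://public-keys.auth.elb.{ALB_REGION}.amazonaws.com/{kid}"


def vet_request(peer_ip: str, headers: dict, now: Optional[float] = None) -> dict:
    """Reject anything that did not arrive via the ALB, then syntactically vet the token.

    Returns what the caller needs for the final step: fetch key_url and verify the ES256
    signature over signing_input. Only after that succeeds may payload be trusted.
    """
    if not any(ipaddress.ip_address(peer_ip) in net for net in ALB_SOURCE_NETS):
        raise PermissionError("request did not arrive via the load balancer")
    token = headers.get("x-amzn-oidc-data")
    if not token:
        raise PermissionError("no x-amzn-oidc-data header")
    try:
        header, payload, signature = decode_alb_token(token)
        key_url = public_key_url(header)
    except ValueError as exc:  # also covers base64 and JSON decoding errors
        raise PermissionError(f"malformed identity token: {exc}") from exc
    exp = payload.get("exp")
    current = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or exp <= current:
        raise PermissionError("identity token expired")
    return {"key_url": key_url, "payload": payload, "signature": signature,
            "signing_input": token.rsplit(".", 1)[0].encode()}


def make_unsigned_token(header: dict, payload: dict) -> str:
    # Constructed stand-in for an ALB-issued token: padded segments as ALB emits them and a
    # zero signature, so it exercises parsing and validation but would fail verification.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj, separators=(",", ":")).encode()).decode()
    return ".".join([enc(header), enc(payload), base64.urlsafe_b64encode(b"\x00" * 64).decode()])


SAMPLE_HEADER = {"typ": "JWT", "alg": "ES256", "signer": EXPECTED_SIGNER,
                 "kid": "c2f80c68-0001-4a71-9d1c-0a6e1b2c3d4e"}
SAMPLE_PAYLOAD = {"sub": "alice", "email": "alice@example.com", "exp": 1_700_000_000}
SAMPLE_TOKEN = make_unsigned_token(SAMPLE_HEADER, SAMPLE_PAYLOAD)
SAMPLE_NOW = 1_699_999_000

if __name__ == "__main__":
    cases = {
        "via ALB, well-formed": ("10.0.1.20", SAMPLE_TOKEN),
        "direct to instance, same token": ("203.0.113.5", SAMPLE_TOKEN),
        "via ALB, URL syntax in kid": ("10.0.1.20", make_unsigned_token(
            {**SAMPLE_HEADER, "kid": "x@169.254.169.254/latest/meta-data"}, SAMPLE_PAYLOAD)),
    }
    for name, (ip, tok) in cases.items():
        try:
            print(name, "->", vet_request(ip, {"x-amzn-oidc-data": tok}, SAMPLE_NOW)["key_url"])
        except PermissionError as exc:
            print(name, "-> rejected:", exc)
```

The returned key_url and signing_input feed the ES256 signature check, which needs a crypto library and is deliberately left to the caller rather than faked here. The peer-address check is the network condition the advisory names, enforced in the application as a second layer; it complements, rather than replaces, security group rules that keep the instances reachable only from the ALB.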