umatiGateway Web Interface Exposure Vulnerability

Vulnerability

A vulnerability exists in umatiGateway, software that connects OPC Unified Architecture servers with an MQTT broker using JSON messages. When the provided docker-compose file is used, the user interface is potentially publicly accessible, which allows the configuration to be viewed and modified. The vulnerability is present in the umatiGateway version corresponding to commit 'abe73096a17307327f0d6dc0ed4db1fb93464521'. It was introduced by publishing the UI on all interfaces, which could lead to unauthorized access to the application's configuration settings.

Impact

The vulnerability could allow unauthorized users to access the umatiGateway web interface, view the configuration, and make unauthorized changes. This could disrupt the operation of the gateway or lead to incorrect data being published via MQTT.

Remediation

Users can modify the docker-compose file to bind the UI to '127.0.0.1:8080:8080', which restricts access to the local host instead of publishing the port on all interfaces. Alternatively, a firewall can be configured to block remote access on port 8080, though this may not be fully effective due to Docker's port forwarding rules.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.3
exploitability: 8.1
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.