Opencast
cpe:2.3:a:apereo:opencast:*:*:*:*:*:*:*
- < 17.7
- < 18.0
A partial path traversal vulnerability has been identified in the Opencast UI config module, affecting version 18.0 and versions prior to 17.7. The vulnerability arises because the path validation does not properly account for file separators, so a directory whose path merely begins with the same string as the allowed directory passes the check. This potentially allows access to files in directories that share a similar path prefix. For instance, files in '/etc/opencast/ui-config-hidden' could be accessed if they are readable by Opencast. However, this vulnerability does not permit general path traversal, as accessing files from other unrelated directories is not possible.
Exploitation of this vulnerability could lead to unauthorized access to non-public files, although such a scenario is considered unlikely for most users due to Opencast's default configuration.
Users can update to Opencast versions 17.7 or 18.1 to address this vulnerability. Additionally, it is recommended to check for any folders that start with the same path as the 'ui-config' folder.
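The prefix comparison described above, next to a separator-aware check, together with the sibling-directory audit recommended in the remediation, as an added Python illustration (not Opencast's own code, which is Java). The function names and the temporary directory layout are constructed for this example.

```python
import os
import tempfile
from pathlib import Path


def within_flawed(base: str, target: str) -> bool:
    """Plain string-prefix test: ignores the separator boundary (the bug class)."""
    return os.path.normpath(target).startswith(os.path.normpath(base))


def within_fixed(base: str, target: str) -> bool:
    """Component-wise test: target must be base itself or a descendant of it."""
    base_p, target_p = Path(base).resolve(), Path(target).resolve()
    return target_p == base_p or base_p in target_p.parents


def prefix_siblings(base: str) -> list[str]:
    """Audit: sibling directories whose names start with the base directory's name."""
    base_p = Path(base).resolve()
    return sorted(
        p.name for p in base_p.parent.iterdir()
        if p.is_dir() and p != base_p and p.name.startswith(base_p.name)
    )


def demo() -> dict:
    # Constructed layout standing in for /etc/opencast; no real files are read.
    with tempfile.TemporaryDirectory() as root:
        for name in ("ui-config", "ui-config-hidden", "other"):
            os.makedirs(os.path.join(root, name))
        base = os.path.join(root, "ui-config")
        inside = os.path.join(base, "theme.json")
        sibling = os.path.join(root, "ui-config-hidden", "secret.json")
        unrelated = os.path.join(root, "other", "secret.json")
        for f in (inside, sibling, unrelated):
            Path(f).write_text("{}")
        return {
            "flawed_sibling": within_flawed(base, sibling),      # wrongly accepted
            "fixed_sibling": within_fixed(base, sibling),        # rejected
            "flawed_unrelated": within_flawed(base, unrelated),  # rejected even by the flawed test
            "fixed_inside": within_fixed(base, inside),          # legitimate file still served
            "siblings": prefix_siblings(base),                   # directories to review
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running `prefix_siblings` against the real 'ui-config' directory lists the directories that were reachable through the flawed check and should be reviewed.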