PT-2022-22875 · Proxmox · Proxmox Mail Gateway

Cursered

Published: 2022-07-08 · Updated: 2024-10-28 · CVE-2022-35508

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) versions prior to pve-http-server 4.1-3

Description: The issue affects Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. An attacker with an unprivileged account can craft an HTTP request to achieve Server-Side Request Forgery (SSRF) and disclosure of arbitrary files on the server. Additionally, in Proxmox Mail Gateway, privilege escalation to the root@pam account is possible if the backup feature has been used, because backup files are created with 0644 permissions and contain an authkey value.

Recommendations: For Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) versions prior to pve-http-server 4.1-3, update to pve-http-server 4.1-3 to fix the issue. As a temporary workaround, restrict access to the backup files and to the pve(pmg)proxy and pve(pmg)daemon components to minimize the risk of exploitation, and avoid using the backup feature until the issue is resolved.

Tags: Exploit · Fix · LPE · SSRF

Weakness Enumeration

Related Identifiers

ALT-PU-2022-2181
CVE-2022-35508

Affected Products

Alt Linux
Proxmox Mail Gateway
Proxmox Virtual Environment