CVE-2024-0601

Name of the Vulnerable Software and Affected Versions ZhongFuCheng3y Austin version 1.0

Description A critical issue affects the function getRemoteUrl2File of the file srcmainjavacomjava3yaustinsupportutilsAustinFileUtils.java in the Email Message Template Handler component. This issue is related to insufficient validation of incoming requests and leads to server-side request forgery. The attack can be launched remotely, and the exploit has been disclosed to the public.

Recommendations As a temporary workaround, consider disabling the getRemoteUrl2File function until a patch is available. Restrict access to the AustinFileUtils.java file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.