PT-2024-36336 · Kurmi · Kurmi Provisioning Suite

Published: 2024-12-27 · Updated: 2024-12-28 · CVE-2024-54450

CVSS v3.1: 9.4 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Kurmi Provisioning Suite version 7.9.0.33
Description: An issue was discovered in the Kurmi Provisioning Suite. If an X-Forwarded-For header is received during authentication, the Kurmi application will record the possibly forged IP address mentioned in that header rather than the real IP address that the user logged in from. This fake IP address can later be displayed in the My Account popup that shows the IP address that was used to log in.
Recommendations: For Kurmi Provisioning Suite version 7.9.0.33, as a temporary workaround, consider disabling the use of the X-Forwarded-For header during authentication until a patch is available. Restrict access to the My Account popup to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
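As an added illustration of the pattern the description above warns about (this is example code, not code from Kurmi or from this advisory): a client-IP lookup that trusts X-Forwarded-For unconditionally, beside a hardened version that honours the header only when the TCP peer is a known reverse proxy and then walks the header from the right, discarding trusted hops. The proxy range, header values and addresses are constructed for the example and are not taken from the advisory.

```python
import ipaddress

# Assumed address range of the deployment's own reverse proxies (constructed for this example).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]


def client_ip_naive(remote_addr, headers):
    """Vulnerable pattern: if X-Forwarded-For is present, believe it.

    A client connecting directly can set the header to any value, so the
    address recorded at login (and shown later in an account view) is
    attacker-controlled.
    """
    xff = headers.get("X-Forwarded-For")
    if xff:
        return xff.split(",")[0].strip()
    return remote_addr


def client_ip_hardened(remote_addr, headers, trusted_proxies=TRUSTED_PROXIES):
    """Honour X-Forwarded-For only when the connecting peer is a trusted proxy.

    Each proxy appends the address it saw, so the rightmost entry that is not
    one of our own proxies is the address the first trusted proxy accepted the
    connection from. Anything further left was supplied by the client and is
    ignored. Malformed values fall back to the socket peer address.
    """
    try:
        peer = ipaddress.ip_address(remote_addr)
    except ValueError:
        return None
    if not any(peer in net for net in trusted_proxies):
        # Direct connection: the header did not pass through our proxies.
        return remote_addr
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return remote_addr
        if not any(addr in net for net in trusted_proxies):
            return str(addr)
    # Header absent or every hop was one of our proxies: record the peer itself.
    return remote_addr


def login_record(remote_addr, headers):
    """Return both views of the login IP so the difference can be audited."""
    return {
        "naive": client_ip_naive(remote_addr, headers),
        "hardened": client_ip_hardened(remote_addr, headers),
    }


if __name__ == "__main__":
    # Constructed sample: a direct client forges the header.
    print(login_record("203.0.113.5", {"X-Forwarded-For": "198.51.100.9"}))
    # Constructed sample: the same forged header, but arriving via a trusted proxy
    # that appended the real client address.
    print(login_record("10.1.2.3", {"X-Forwarded-For": "198.51.100.9, 203.0.113.77"}))
```

The hardened variant is only as good as the trusted-proxy list: if the application is reachable without passing through those proxies, or the proxies do not overwrite or append to the header on ingress, the header still carries untrusted data, which is why disabling its use during authentication, as recommended above, is the safer interim choice.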

Weakness Enumeration: Authentication Bypass by Spoofing

Related Identifiers: CVE-2024-54450

Affected Products: Kurmi Provisioning Suite