CVE-2022-23644

8.8 HIGH

📋 TL;DR

This CVE describes a server-side request forgery (SSRF) vulnerability in BookWyrm's cover image loading functionality. Authenticated users can exploit this to make the server send arbitrary HTTP requests to internal or external systems. All BookWyrm instances running versions before 0.3.0 are affected.

💻 Affected Systems

Products:
  • BookWyrm
Versions: All versions prior to v0.3.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access; instances with open registration are more exposed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could access internal services, exfiltrate sensitive data, or pivot to other systems within the network.

🟠 Likely Case

Unauthorized access to internal APIs, metadata harvesting, or scanning of internal network services.

🟢 If Mitigated

Limited to authenticated user access with proper network segmentation and request validation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated user access; SSRF techniques are well-documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v0.3.0

Vendor Advisory: https://github.com/bookwyrm-social/bookwyrm/security/advisories/GHSA-5m7g-66h6-5cvq

Restart Required: Yes

Instructions:

1. Back up your BookWyrm instance.
2. Update to version 0.3.0 or later using your deployment method (Docker, manual, etc.).
3. Restart the application.
4. Verify the update was successful.

🔧 Temporary Workarounds

Restrict User Registration (applies to: all deployments)

Close registration and limit access to trusted individuals only.

Configure BookWyrm settings to disable new user registration.

🧯 If You Can't Patch

  • Implement network segmentation to isolate BookWyrm from sensitive internal services
  • Deploy a web application firewall (WAF) with SSRF protection rules

🔍 How to Verify

Check if Vulnerable:

Check if BookWyrm version is below 0.3.0 in admin panel or configuration files.

Check Version:

Check BookWyrm admin interface or run: docker ps --format 'table {{.Names}}	{{.Image}}' | grep bookwyrm

Verify Fix Applied:

Confirm version is 0.3.0 or higher and test cover image loading with controlled URLs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from BookWyrm server to internal IPs or unexpected domains
  • Multiple failed cover image load attempts with unusual URLs

Network Indicators:

  • BookWyrm server making requests to internal services (metadata services, cloud APIs, etc.)
  • Unexpected traffic patterns from BookWyrm to non-public endpoints

SIEM Query:

source="bookwyrm.logs" AND (url="*://169.254.*" OR url="*://10.*" OR url="*://192.168.*" OR url="*://172.16.*" OR url="*://172.17.*" OR url="*://172.18.*" OR url="*://172.19.*" OR url="*://172.20.*" OR url="*://172.21.*" OR url="*://172.22.*" OR url="*://172.23.*" OR url="*://172.24.*" OR url="*://172.25.*" OR url="*://172.26.*" OR url="*://172.27.*" OR url="*://172.28.*" OR url="*://172.29.*" OR url="*://172.30.*" OR url="*://172.31.*")

Note: the RFC 1918 range 172.16.0.0/12 spans 172.16.* through 172.31.*, so all sixteen second octets are listed rather than only 172.16.*.
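The log and SIEM indicators above boil down to one test: did the cover-fetch code reach for a non-public address? The script below is an added example, not BookWyrm's code or part of the original advisory. It runs that test offline over a few constructed log lines (the `cover_fetch user=... url=... status=...` format is an assumption, not BookWyrm's real log layout), flags every fetch whose host is an IP literal outside the global range (RFC 1918, link-local 169.254.0.0/16, loopback, IPv6 equivalents), and groups the hits per user so repeated probing stands out. The same `is_internal_host` check is what a pre-fetch allow-list in the application would apply; it deliberately does not resolve hostnames, so a production check must resolve the name and re-test the resulting address (and pin the connection to it, to defeat DNS rebinding).

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample log lines for this example; the field layout is an assumption,
# not BookWyrm's actual log format.
SAMPLE_LOGS = [
    "2022-02-15T10:01:02Z cover_fetch user=alice url=https://covers.openlibrary.org/b/id/12345-L.jpg status=200",
    "2022-02-15T10:01:05Z cover_fetch user=mallory url=http://169.254.169.254/latest/meta-data/ status=200",
    "2022-02-15T10:01:09Z cover_fetch user=mallory url=http://10.0.3.7:9200/_cat/indices status=403",
    "2022-02-15T10:01:12Z cover_fetch user=mallory url=http://172.20.1.5/admin status=500",
    "2022-02-15T10:01:15Z cover_fetch user=bob url=http://[::1]:8000/ status=000",
    "2022-02-15T10:02:00Z cover_fetch user=carol url=https://example.org/cover.png status=200",
]

URL_RE = re.compile(r"\burl=(\S+)")
USER_RE = re.compile(r"\buser=(\S+)")


def is_internal_host(host):
    """True if host is an IP literal outside the globally routable space.

    ipaddress.is_global is False for RFC 1918 (10/8, 172.16/12, 192.168/16),
    link-local 169.254/16 (cloud metadata lives there), loopback, and the IPv6
    equivalents, so one test covers every range the SIEM query enumerates.
    Hostnames return False here: resolving them is out of scope for an
    offline log check and must be done (and re-checked) by a live filter.
    """
    if not host:
        return False
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False
    return not ip.is_global


def classify(line):
    """Pull user and URL out of one log line and decide whether the fetch was internal."""
    url_match = URL_RE.search(line)
    if not url_match:
        return None
    url = url_match.group(1)
    user_match = USER_RE.search(line)
    host = urlsplit(url).hostname  # strips port and IPv6 brackets for us
    return {
        "user": user_match.group(1) if user_match else None,
        "url": url,
        "host": host,
        "internal": is_internal_host(host),
    }


def find_ssrf_indicators(lines, threshold=2):
    """Return (all internal-target fetches, users with >= threshold such fetches)."""
    hits = [c for c in (classify(line) for line in lines) if c and c["internal"]]
    by_user = {}
    for hit in hits:
        by_user.setdefault(hit["user"], []).append(hit["url"])
    repeat_offenders = {u: urls for u, urls in by_user.items() if len(urls) >= threshold}
    return hits, repeat_offenders


if __name__ == "__main__":
    hits, offenders = find_ssrf_indicators(SAMPLE_LOGS)
    for hit in hits:
        print(f"internal fetch by {hit['user']}: {hit['url']} (host {hit['host']})")
    for user, urls in offenders.items():
        print(f"{user}: {len(urls)} internal targets, review account")
```

Run it against real logs by replacing `SAMPLE_LOGS` with lines read from the application log; the per-user threshold is the knob that separates a single mistyped URL from a user walking the internal address space.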
