CVE-2024-54147
📋 TL;DR
Altair GraphQL Client desktop app versions before 8.0.5 fail to validate HTTPS certificates, allowing man-in-the-middle attackers to intercept all GraphQL requests and responses. This exposes sensitive data including authorization tokens and can compromise Altair GraphQL Cloud accounts. Users on untrusted networks like public WiFi are particularly vulnerable.
💻 Affected Systems
- Altair GraphQL Client desktop application
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of all GraphQL communications, theft of authentication tokens, unauthorized access to Altair Cloud accounts, and financial fraud through payment page redirection.
Likely Case
Interception of GraphQL queries/responses containing sensitive data and authentication tokens when users connect via untrusted networks.
If Mitigated
Limited exposure if users only connect via trusted networks with proper certificate validation elsewhere in the stack.
🎯 Exploit Status
Exploitation requires a man-in-the-middle position on the network, which is trivial to obtain on public or unsecured networks. No authentication is needed to intercept traffic.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 8.0.5
Vendor Advisory: https://github.com/altair-graphql/altair/security/advisories/GHSA-8v9h-hxp5-9jcx
Restart Required: Yes
Instructions:
1. Open Altair GraphQL Client.
2. Check for updates in the settings or help menu.
3. Download and install version 8.0.5 or later.
4. Restart the application.
🔧 Temporary Workarounds
Use browser version
Use Altair's web version instead of the desktop app.
Network restrictions
Only use Altair on trusted, secure networks with proper certificate validation.
🧯 If You Can't Patch
- Discontinue use of Altair desktop app for sensitive GraphQL operations
- Use VPN when connecting from untrusted networks to encrypt traffic
🔍 How to Verify
Check if Vulnerable:
Check the Altair version in Help > About or in the application settings. If the version is below 8.0.5, you are vulnerable.
Check Version:
Not applicable - check via application GUI
Verify Fix Applied:
Confirm version is 8.0.5 or higher in application settings.
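The version check above is easy to get wrong at scale because a plain string comparison ranks "8.0.10" below "8.0.5". The following Node.js snippet is an added example, not part of this advisory or of the Altair project: it parses the version string shown in Help > About, compares it numerically against the fixed release 8.0.5, and lists which hosts in a constructed inventory still need the update. The hostnames and the inventory format are assumptions for illustration; a pre-release build of 8.0.5 (e.g. "8.0.5-beta.1") is conservatively treated as still vulnerable.

```javascript
// Added example (not the advisory's or the project's code): flag Altair desktop
// installs whose version predates the fixed release named in the advisory.

const FIXED_VERSION = '8.0.5'; // patch version from the advisory

// Parse "8.0.4", "v8.0.4", "8.0.5-beta.1" or "8.0.5+build7" into
// [major, minor, patch, releaseFlag]; releaseFlag is 0 for a pre-release and
// 1 for a final release so that "8.0.5-beta.1" sorts before "8.0.5".
// Returns null when the string is not a recognisable version.
function parseVersion(s) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/.exec(String(s).trim());
  if (!m) return null;
  return [Number(m[1]), Number(m[2]), Number(m[3]), m[4] ? 0 : 1];
}

// Numeric comparison of two version strings: -1, 0 or 1.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  if (!pa || !pb) throw new Error(`unparseable version: ${!pa ? a : b}`);
  for (let i = 0; i < pa.length; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// True when the installed version is older than the fixed version.
function isVulnerable(installed) {
  return compareVersions(installed, FIXED_VERSION) < 0;
}

// Constructed sample inventory (hostname, version string from Help > About).
const SAMPLE_INVENTORY = [
  ['dev-laptop-01', '8.0.4'],
  ['dev-laptop-02', 'v8.0.5'],
  ['dev-laptop-03', '8.0.10'],
  ['dev-laptop-04', '7.3.2'],
  ['dev-laptop-05', '8.0.5-beta.1'],
];

// Returns the hostnames whose Altair install still needs the 8.0.5 update.
function hostsNeedingUpdate(inventory) {
  return inventory.filter(([, version]) => isVulnerable(version)).map(([host]) => host);
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log('hosts needing update:', hostsNeedingUpdate(SAMPLE_INVENTORY));
}
```

Feed it whatever version strings your endpoint inventory already collects; anything `parseVersion` cannot read (such as "latest") is reported as an error rather than silently passed.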
📡 Detection & Monitoring
Log Indicators:
- Unusual certificate validation failures
- Unexpected network traffic patterns from Altair
Network Indicators:
- Unencrypted GraphQL traffic from Altair client
- Certificate validation bypass attempts
SIEM Query:
Not applicable - client-side vulnerability