CVE-2024-55086

7.2 HIGH

📋 TL;DR

This SSRF (server-side request forgery) vulnerability in GetSimple CMS CE 3.3.19 lets an authenticated administrator make the CMS server issue HTTP requests to arbitrary destinations, including internal systems, through the plugin download functionality in the admin panel. Because the request originates from the web server, it can reach hosts the attacker cannot reach directly: internal services, internal APIs and cloud instance metadata endpoints. Exploitation requires an account with access to the backend management system, so the realistic threat is a compromised or malicious admin account using the server as a pivot for internal reconnaissance and attacks on internal services.

💻 Affected Systems

Products:
  • GetSimple CMS CE
Versions: 3.3.19
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin access to the backend management system.

📦 What is this software?

GetSimple CMS is a lightweight flat-file CMS written in PHP that stores content as XML files rather than in a database; the CE (Community Edition) continuation is published at getsimple-ce.ovh (the vendor site linked below). Plugins are installed from the admin backend, which is where the affected download functionality lives.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could access internal services, exfiltrate sensitive data from internal systems, or pivot to attack other internal infrastructure.

🟠

Likely Case

Internal network scanning, accessing metadata services, or interacting with internal APIs that shouldn't be exposed.

🟢

If Mitigated

Limited to low-value reconnaissance (for example learning which ports on the CMS host itself answer) if network segmentation and egress filtering prevent the web server from reaching internal hosts and metadata services.

🌐 Internet-Facing: MEDIUM - Requires admin access, but an internet-facing admin panel can be targeted with stolen, phished or brute-forced credentials, and a public CMS host is often the only machine bridging the internet and the internal network.
🏢 Internal Only: MEDIUM - An insider, or an attacker who has already obtained admin credentials, can use the CMS server to pivot to other internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin credentials but is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://getsimple-ce.ovh/

Restart Required: No

Instructions:

No official patch is listed at time of writing. Check the vendor site for a release later than 3.3.19 whose changelog addresses the plugin download SSRF, and apply the workarounds below in the meantime.

🔧 Temporary Workarounds

Restrict Admin Access

Platform: all

Limit admin panel access to trusted IP addresses only. Configure the web server to restrict the /admin/ path to specific source IPs (Apache 2.4 `Require ip`, Nginx `allow`/`deny` in a `location /admin/` block) or place the backend behind a VPN. This does not remove the SSRF, but it removes the internet-facing path to it.

Network Egress Filtering

Platform: all

Block outbound requests from the web server to internal networks. Configure the host or network firewall so that the web server process cannot open connections to RFC 1918 ranges, loopback and link-local space (including the 169.254.169.254 metadata endpoint), allowing only the external destinations plugin downloads legitimately need. This limits what a successful SSRF can reach.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the CMS server
  • Monitor for unusual outbound connections from the web server

🔍 How to Verify

Check if Vulnerable:

The site runs GetSimple CMS CE 3.3.19 (the only version listed as affected) and the plugin download functionality in the admin backend is enabled and reachable by administrators.

Check Version:

Read the version shown in the admin panel, or the version file shipped with the install on disk.

Verify Fix Applied:

After upgrading or applying egress filtering, use the plugin download functionality against an internal destination you control (an RFC 1918 address or the 169.254.169.254 metadata endpoint) and confirm from web server and firewall logs that the request is rejected or blocked rather than completed. A successful fetch from an internal address means the server is still vulnerable.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP/HTTPS requests initiated by the web server process (rather than by users' browsers)
  • Multiple failed plugin download attempts in quick succession, which can indicate an attacker probing internal hosts and ports

Network Indicators:

  • Web server making requests to internal IP ranges
  • Requests to metadata services (169.254.169.254)

SIEM Query (pseudo-query; adapt the field names and ranges to your platform):

source_ip=webserver AND dest_ip IN (internal_ranges) AND protocol=HTTP

Include HTTPS and the 169.254.0.0/16 link-local range in the match, and exclude any internal destinations the CMS host legitimately uses (package mirrors, monitoring agents) so that the alert stays actionable.
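The pseudo-query above, written out as runnable detection logic, as an added example that is not code from the page or from GetSimple CMS. The same destination classifier is the check behind the egress filtering workaround in the previous section: it decides whether an address is one the CMS host should never be reaching. The log format (`ts src=… dst=… dport=… url=…`), the web server address 10.20.0.5 and all sample lines are constructed for the example; the metadata endpoint is the 169.254.169.254 address named on this page.

```python
"""Flag outbound connections from the CMS host that reach internal or
cloud-metadata addresses. Added example for monitoring an SSRF like
CVE-2024-55086; it is not GetSimple code. Log format and addresses are
constructed for the example."""
import ipaddress

# Ranges a web server should never reach as a side effect of a plugin download.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "127.0.0.0/8", "::1/128",                         # loopback
    "169.254.0.0/16", "fe80::/10",                    # link-local
    "fc00::/7",                                       # IPv6 unique local
    "100.64.0.0/10",                                  # shared address space (CGNAT)
)]
# The cloud instance metadata address named on the page; checked before the
# generic ranges so it gets its own, higher-severity verdict.
METADATA_ENDPOINTS = {"169.254.169.254"}


def normalize(ip):
    """Parse an IP string; unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the
    IPv4 ranges above apply. Mapped addresses are a common filter bypass."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr


def classify(dest_ip):
    """Return 'metadata-service', 'internal' or 'external' for a destination IP."""
    addr = normalize(dest_ip)
    if str(addr) in METADATA_ENDPOINTS:
        return "metadata-service"
    if any(addr in net for net in INTERNAL_NETWORKS):
        return "internal"
    return "external"


def parse_line(line):
    """Parse the constructed 'ts src=.. dst=.. dport=.. url=..' log format."""
    ts, *kv = line.split()
    fields = dict(tok.split("=", 1) for tok in kv)
    fields["ts"] = ts
    return fields


def find_suspicious(lines, web_servers):
    """The page's SIEM pseudo-query applied to log lines: source is a web
    server AND destination is internal (or the metadata service)."""
    alerts = []
    for line in lines:
        f = parse_line(line)
        if f["src"] not in web_servers:
            continue  # only egress from the CMS host is interesting here
        verdict = classify(f["dst"])
        if verdict != "external":
            alerts.append((f["ts"], f["dst"], f["dport"], verdict, f.get("url", "")))
    return alerts


# Constructed sample: one CMS host (10.20.0.5) and an unrelated host (10.20.0.99).
SAMPLE_LOG = [
    "2024-12-10T10:00:01Z src=10.20.0.5 dst=93.184.216.34 dport=443 url=https://example.com/plugin.zip",
    "2024-12-10T10:00:07Z src=10.20.0.5 dst=169.254.169.254 dport=80 url=http://169.254.169.254/latest/meta-data/",
    "2024-12-10T10:00:12Z src=10.20.0.5 dst=10.20.0.20 dport=8080 url=http://10.20.0.20:8080/",
    "2024-12-10T10:00:15Z src=10.20.0.5 dst=::ffff:127.0.0.1 dport=6379 url=http://[::ffff:127.0.0.1]:6379/",
    "2024-12-10T10:00:20Z src=10.20.0.99 dst=10.20.0.20 dport=22 url=-",
]

if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG, {"10.20.0.5"}):
        print("ALERT", *alert)
```

On the constructed sample the first line (a normal external plugin download) passes, the metadata-service fetch, the internal web port and the loopback connection are reported, and the last line is ignored because its source is not the web server. If `classify` is reused as an egress check in front of a download, resolve the hostname first, test every address the resolver returns, and connect to the address that was checked rather than resolving again; otherwise a DNS record that changes between check and use (DNS rebinding) defeats the filter.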
