CVE-2024-55088

8.8 HIGH

📋 TL;DR

GetSimple CMS CE 3.3.19 contains a Server-Side Request Forgery (SSRF) vulnerability in its backend plugin module. An authenticated attacker can make the server issue arbitrary HTTP requests, potentially reaching internal systems that are not exposed to the attacker directly. Exploitation requires an administrator account with backend access.

💻 Affected Systems

Products:
  • GetSimple CMS CE
Versions: 3.3.19
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated admin access to the backend plugin module.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could pivot to internal networks, access cloud metadata services, perform port scanning, or interact with internal APIs to steal data or execute further attacks.

🟠

Likely Case

Attackers with admin credentials could probe internal networks, access internal web services, or use the server as a proxy for malicious requests.

🟢

If Mitigated

With proper network segmentation and egress filtering, impact is limited to the server itself and directly accessible internal services.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin credentials but is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://getsimple-ce.ovh/

Restart Required: No

Instructions:

1. Monitor the official GetSimple CMS CE website for updates.
2. Apply any security patches when released.
3. Apply temporary workarounds until a patch is available.

🔧 Temporary Workarounds

Restrict Admin Access

Platform: all

Limit backend access to trusted IP addresses only

# Configure web server (Apache example)
<Location "/admin/plugins/">
    Require ip 192.168.1.0/24
</Location>

Disable Plugin Module

Platform: linux

Temporarily disable or restrict the vulnerable plugin module

# Rename or move the plugins directory
mv /path/to/getsimple/admin/plugins /path/to/getsimple/admin/plugins_disabled

🧯 If You Can't Patch

  • Implement strict network egress filtering to limit outbound connections from the web server
  • Deploy a web application firewall (WAF) with SSRF protection rules

🔍 How to Verify

Check if Vulnerable:

Confirm that the installation runs GetSimple CMS CE version 3.3.19 and that the backend plugin module is reachable by administrator accounts

Check Version:

Check the version.txt file in the GetSimple installation directory

Verify Fix Applied:

Verify version is updated beyond 3.3.19 or workarounds are properly implemented

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from web server process
  • Multiple requests to internal IP addresses from admin user sessions

Network Indicators:

  • Web server making unexpected outbound HTTP requests
  • Requests to internal services from external-facing server

SIEM Query:

source="webserver.log" AND (dest_ip=10.0.0.0/8 OR dest_ip=172.16.0.0/12 OR dest_ip=192.168.0.0/16) AND user="admin"
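As an added example that is not part of this advisory, the following Python detector applies the same private-range logic as the SIEM query above to constructed egress log lines, and also flags the link-local range used by cloud metadata services. The log format and its field names (user, src, dest, url) are assumed, not taken from GetSimple or any real logging product.

```python
import ipaddress
import re

# Constructed sample egress log lines (not from the page): outbound requests
# made by the web server, tagged with the backend user session that caused them.
SAMPLE_LOG = """\
2024-12-01T10:00:01Z user=admin src=203.0.113.10 dest=93.184.216.34 url=http://example.com/feed.xml
2024-12-01T10:00:05Z user=admin src=203.0.113.10 dest=10.0.0.5 url=http://10.0.0.5:8080/
2024-12-01T10:00:06Z user=admin src=203.0.113.10 dest=10.0.0.5 url=http://10.0.0.5:8081/
2024-12-01T10:00:07Z user=admin src=203.0.113.10 dest=169.254.169.254 url=http://169.254.169.254/latest/meta-data/
2024-12-01T10:00:09Z user=editor src=203.0.113.11 dest=172.16.4.9 url=http://172.16.4.9/status
"""

# RFC 1918 ranges from the SIEM query, plus loopback and the link-local range
# where cloud metadata endpoints live (the "cloud metadata" worst case above).
INTERNAL_RANGES = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
              "169.254.0.0/16", "127.0.0.0/8")
]

# Assumed log layout: key=value pairs separated by spaces.
LINE_RE = re.compile(r"user=(?P<user>\S+) src=\S+ dest=(?P<dest>\S+) url=(?P<url>\S+)")


def is_internal(addr: str) -> bool:
    """True if addr falls in a private, loopback or link-local range."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_RANGES)


def find_ssrf_indicators(log_text: str, min_hits: int = 1) -> dict:
    """Map each backend user to the internal destinations its session caused
    the server to contact; drop users below min_hits to cut noise."""
    hits: dict = {}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        try:
            internal = is_internal(m["dest"])
        except ValueError:
            continue  # destination is a hostname, not an IP literal
        if internal:
            hits.setdefault(m["user"], []).append(m["dest"])
    return {user: dests for user, dests in hits.items() if len(dests) >= min_hits}
```

Raising min_hits filters out a single legitimate internal fetch while still surfacing the repeated internal probing described under Log Indicators.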
