Advisory

Rhino Security Labs report multiple flaws in default install of Appsmith Enterprise Platform

Take action: If you run a self-hosted Appsmith instance, patch it now. Being reachable only from the internal network is no protection: one of the flaws needs no existing account at all when self-signup is left enabled (the default), and the other two, including a denial-of-service vector, need nothing more than a low-privileged "App Viewer" login. That puts them within easy reach of disgruntled insiders as well as of any attacker who gets a foothold on the internal network and picks Appsmith as a target of opportunity.


Learn More

Rhino Security Labs has uncovered a series of vulnerabilities affecting default installations of the Appsmith Enterprise platform.

Appsmith is an open-source developer tool designed to help engineers build internal business applications quickly using pre-built components and integrations. It allows for faster development of complex web applications compared to traditional coding methods.

Three significant security flaws were identified:

  • CVE-2024-55963 (CVSS score not available): Unauthenticated remote code execution through the PostgreSQL database that ships with a default Appsmith installation. Its pg_hba.conf uses the "trust" authentication method, so any local client can connect as any PostgreSQL role, superuser included, without a password. Because a default Appsmith install also allows self-signup without an invitation, an attacker can register an account, create a workspace of their own and use it to connect to the misconfigured database.
  • CVE-2024-55964 (CVSS score not available): An Insecure Direct Object Reference (IDOR) in the "/api/v1/datasources/[datasource-id]/schema-preview" API endpoint, which lacks a proper authorization check and lets "App Viewer" users read sensitive database data through SQL queries against datasources they were never granted access to. Datasource IDs follow a predictable generation pattern that leaves only 5 characters to brute-force, so guessing valid IDs is practical.
  • CVE-2024-55965 (CVSS score not available): Denial of service through broken access control: "App Viewer" users can reach the 'Restart' API functionality and restart the instance at will.
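
The first finding comes down to one pg_hba.conf setting, so it is worth knowing what the weak and the corrected rules look like and being able to check a file for them. The following is an added example written for this advisory; it is not code from Rhino Security Labs or from the Appsmith project. It parses the standard pg_hba.conf rule format (TYPE DATABASE USER [ADDRESS] METHOD) and reports every rule that grants "trust" authentication. Both sample configurations are constructed for illustration and are not copied from an Appsmith install.

```python
"""Audit a pg_hba.conf for passwordless ("trust") rules.

Added example for this advisory, not code from Rhino Security Labs or Appsmith.
The two sample configs below are constructed for illustration.
"""

# Authentication methods PostgreSQL accepts in the METHOD column; used to tell
# a method token apart from a trailing netmask token on host lines.
AUTH_METHODS = {
    "trust", "reject", "scram-sha-256", "md5", "password", "gss", "sspi",
    "ident", "peer", "pam", "ldap", "radius", "cert",
}

# Constructed example of the weak pattern described above: every local
# client may connect as any role, postgres included, with no password.
WEAK_PG_HBA = """
# TYPE  DATABASE  USER  ADDRESS       METHOD
local   all       all                 trust
host    all       all   127.0.0.1/32  trust
host    all       all   ::1/128       trust
"""

# Constructed hardened equivalent: OS-user match for the postgres role on the
# unix socket, SCRAM passwords for everything else, explicit catch-all reject.
HARDENED_PG_HBA = """
# TYPE  DATABASE  USER      ADDRESS       METHOD
local   all       postgres                peer
local   all       all                     scram-sha-256
host    all       all       127.0.0.1/32  scram-sha-256
host    all       all       ::1/128       scram-sha-256
host    all       all       0.0.0.0/0     reject
"""


def parse_pg_hba(text):
    """Return (lineno, type, database, user, address, method) per rule.

    Comments and blank lines are skipped. 'local' rules have no ADDRESS
    column; host-type rules carry it as one CIDR token or as IP + netmask.
    """
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        tokens = line.split()
        conn_type = tokens[0]
        if conn_type == "local":
            if len(tokens) < 4:
                continue  # malformed rule; PostgreSQL would refuse to start
            database, user, address, method = tokens[1], tokens[2], "", tokens[3]
        else:
            if len(tokens) < 5:
                continue
            database, user = tokens[1], tokens[2]
            if tokens[4] in AUTH_METHODS:
                address, method = tokens[3], tokens[4]
            elif len(tokens) >= 6:
                address, method = tokens[3] + " " + tokens[4], tokens[5]
            else:
                continue
        rules.append((lineno, conn_type, database, user, address, method))
    return rules


def find_trust_rules(text):
    """Return only the rules that admit a client with no credentials at all."""
    return [r for r in parse_pg_hba(text) if r[5] == "trust"]


def audit(text):
    """Return human-readable findings; an empty list means no trust rules."""
    findings = []
    for lineno, conn_type, database, user, address, method in find_trust_rules(text):
        scope = f"{conn_type} {address}".strip()
        findings.append(
            f"line {lineno}: {scope} -> db={database} user={user} uses '{method}': "
            "any client reaching this socket can log in as any matching role "
            "without a password"
        )
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_PG_HBA), ("hardened", HARDENED_PG_HBA)):
        print(f"== {name} ==")
        for finding in audit(cfg) or ["no trust rules"]:
            print(" ", finding)
```

Run it against the pg_hba.conf inside the Appsmith container (or point `audit()` at the file's contents) before and after the upgrade. A clean result from this check does not by itself close the first finding: self-signup should also be disabled unless you need it, and the PostgreSQL superuser password should be rotated if the instance has ever been reachable by untrusted users.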

These vulnerabilities impact Appsmith Community, Business, and Enterprise Editions, versions 1.20 through 1.51.

All users running self-hosted Appsmith instances should immediately upgrade to version 1.52 or later.
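
Until the upgrade is done, the IDOR finding above leaves a usable trace: an attacker guessing datasource IDs has to hit the schema-preview endpoint for many distinct IDs in a short time, most of which will not exist. The following detection is an added example written for this advisory, not code from Rhino Security Labs or Appsmith. It assumes the reverse proxy in front of Appsmith writes combined-format access logs with the authenticated user in the third field; the log lines, datasource IDs, thresholds and window length are constructed for illustration and should be tuned to your own instance.

```python
"""Flag datasource-ID enumeration against /api/v1/datasources/<id>/schema-preview.

Added example for this advisory, not code from Rhino Security Labs or Appsmith.
Assumes combined-format access logs (ip ident user [ts] "METHOD path PROTO" status size)
with the Appsmith user in the 'user' field; sample lines are constructed.
"""
import re
from collections import defaultdict
from datetime import datetime

SCHEMA_PREVIEW = re.compile(r"/api/v1/datasources/([A-Za-z0-9]+)/schema-preview")
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)


def detect_enumeration(lines, max_distinct=5, window_seconds=60):
    """Return {client: (distinct_ids, misses)} for clients that, within any
    window of window_seconds, requested schema-preview for more than
    max_distinct different datasource IDs. 'misses' counts responses >= 400
    in that window: guessed IDs that did not exist or were refused.

    client is the authenticated user when the log has one, else the source IP.
    """
    events = defaultdict(list)  # client -> [(timestamp, datasource_id, status)]
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        ds = SCHEMA_PREVIEW.search(m.group("path"))
        if not ds:
            continue
        ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
        client = m.group("user") if m.group("user") != "-" else m.group("ip")
        events[client].append((ts, ds.group(1), int(m.group("status"))))

    alerts = {}
    for client, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # slide the window so it spans at most window_seconds
            while (evs[end][0] - evs[start][0]).total_seconds() > window_seconds:
                start += 1
            window = evs[start:end + 1]
            distinct = {e[1] for e in window}
            if len(distinct) > max_distinct:
                misses = sum(1 for e in window if e[2] >= 400)
                # keep the worst window seen for this client
                if len(distinct) > alerts.get(client, (0, 0))[0]:
                    alerts[client] = (len(distinct), misses)
    return alerts


def _line(ip, user, second, ds_id, status):
    """Build one constructed access-log line for the sample below."""
    return (f'{ip} - {user} [10/Dec/2024:10:00:{second:02d} +0000] '
            f'"GET /api/v1/datasources/{ds_id}/schema-preview HTTP/1.1" {status} 21')


# Constructed sample: viewer1 walks eight neighbouring IDs in 14 seconds and
# only the last one exists; dev1 opens the two datasources of their own app,
# which is normal use. The final line is unrelated traffic the parser ignores.
SAMPLE_LOG = (
    [_line("203.0.113.7", "viewer1", 1 + 2 * i, f"ds{10000 + i:05d}", 404) for i in range(7)]
    + [_line("203.0.113.7", "viewer1", 15, "ds10007", 200)]
    + [_line("198.51.100.4", "dev1", 20, "ds10007", 200),
       _line("198.51.100.4", "dev1", 25, "ds10042", 200),
       _line("198.51.100.4", "dev1", 40, "ds10007", 200)]
    + ['198.51.100.4 - dev1 [10/Dec/2024:10:00:41 +0000] "GET /api/v1/applications HTTP/1.1" 200 512']
)


if __name__ == "__main__":
    for client, (distinct, misses) in detect_enumeration(SAMPLE_LOG).items():
        print(f"{client}: {distinct} distinct datasource IDs, {misses} misses "
              "in one window; possible schema-preview enumeration")
```

A legitimate editor touches a handful of datasources, all of which exist, so a high miss count is the stronger signal; on an unpatched instance the misses are 404s, after the fix they become 403s, and both are counted. The same approach applies to the Restart endpoint from the third finding once you know its path on your version: any call to it by a user who is not an administrator is worth an alert on its own, no window needed.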
