Impact
Improper validation of gridfs operation headers in Apache Camel’s MongoDB GridFS component allows an attacker to override the intended file operation. This represents CWE‑20 (Improper Input Validation) and CWE‑284 (Improper Access Control). By sending a specially crafted HTTP request, a malicious client can change the operation from upload to delete or enumerate, and supply a MongoDB document via the metadata header that leads to NoSQL injection. These actions can delete arbitrary files, disclose the contents of any file, or alter data integrity, without requiring authentication when the HTTP consumer is left unsecured.
Affected Systems
Apache Camel versions 4.0.0 through 4.14.7, 4.15.0 through 4.18.2, and 4.19.0 through 4.20.9 are vulnerable. Upgrades to 4.14.8, 4.18.3, or 4.21.0 remove the flaw.
Risk and Exploitability
The EPSS score indicates a low probability of exploitation in the wild, but the absence of a KEV listing does not mitigate the potential impact. The CVSS score of 9.8 reflects a high severity vulnerability that can lead to complete data loss or unauthorized disclosure. The vulnerability is exploitable through the HTTP boundary when the MongoDB GridFS endpoint’s operation parameter is left unset; any unauthenticated HTTP client can supply gridfs.* headers that bypass the header filter, and because no credentials are required when the consumer is left unsecured, an attacker can immediately hijack the operation. Once hijacked, the attacker can perform destructive file deletion, enumerate the bucket contents, or inject NoSQL operators via the metadata field. Despite the low EPSS, the impact remains severe.
OpenCVE Enrichment