CVE-2024-46508
Authentication Bypass in Yeti-Platform via Default JWT Secret
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: MITRE
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yeti-platform | yeti | From 2.0 (inc) to 2.1.12 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in yeti-platform versions before 2.1.12 allows attackers to generate valid JWT tokens if the secret key is not changed from its default value (SECRET). This means that if the YETI_AUTH_SECRET_KEY is not set to a unique value, attackers can create tokens that the system will accept as legitimate.
How can this vulnerability impact me?
This vulnerability can allow attackers to impersonate legitimate users or gain unauthorized access by generating valid JWT tokens. This could lead to unauthorized actions within the system, data exposure, or other security breaches depending on the privileges associated with the forged tokens.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately change the default secret by setting the YETI_AUTH_SECRET_KEY environment variable to a value other than the default 'SECRET'. This prevents attackers from generating valid JWT tokens.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability in yeti-platform before version 2.1.12 occurs if the JWT secret key (YETI_AUTH_SECRET_KEY) is left at its default value 'SECRET'. Detection means checking wherever YETI_AUTH_SECRET_KEY is set, the process environment or a configuration file, to see whether it still holds the insecure default.
To detect this on your system, inspect the environment variables or configuration files where YETI_AUTH_SECRET_KEY is set. For example, on a Linux system, you might run commands like:
- Check environment variables: `printenv | grep YETI_AUTH_SECRET_KEY`
- Check running processes for environment variables: `ps eww -C yeti`
- Search configuration files for the secret key: `grep -r YETI_AUTH_SECRET_KEY /path/to/yeti/config/`
If the value is 'SECRET' or empty, the system is vulnerable. Changing this secret to a strong, unique value mitigates the vulnerability.
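The checks above, turned into a small POSIX shell script that classifies the configured value and scans a dotenv-style file for the default. This is an added example, not code from the advisory or the Yeti project; the file format (KEY=VALUE lines, optionally `export`-prefixed and quoted) and the 32-character "weak" threshold are assumptions.

```shell
#!/bin/sh
# Added example: detect a default or missing YETI_AUTH_SECRET_KEY (CVE-2024-46508).
# Assumption: the key is set in the environment or as KEY=VALUE lines in a dotenv-style file.

# Classify one secret value: "unset", "default", "weak" or "ok".
yeti_secret_status() {
  value="$1"
  if [ -z "$value" ]; then
    echo unset
  elif [ "$value" = "SECRET" ]; then
    echo default                  # the hard-coded default named in the advisory
  elif [ "${#value}" -lt 32 ]; then
    echo weak                     # assumption: shorter than 32 chars is treated as weak
  else
    echo ok
  fi
}

# Classify the last YETI_AUTH_SECRET_KEY assignment in a dotenv-style file
# (later lines override earlier ones); a file without one reports "unset".
yeti_secret_status_in_file() {
  file="$1"
  line=$(grep -E '^[[:space:]]*(export[[:space:]]+)?YETI_AUTH_SECRET_KEY=' "$file" | tail -n 1)
  value=${line#*=}
  value=$(printf '%s' "$value" | sed "s/^[\"']//; s/[\"']\$//")   # strip surrounding quotes
  yeti_secret_status "$value"
}

# Classify the value in the current shell environment (unset if not exported).
yeti_secret_status_env() {
  yeti_secret_status "${YETI_AUTH_SECRET_KEY:-}"
}

# Constructed sample config file so the script runs stand-alone.
sample=$(mktemp)
cat > "$sample" <<'EOF'
YETI_WEB_ROOT=/opt/yeti
export YETI_AUTH_SECRET_KEY="SECRET"
EOF
echo "environment: $(yeti_secret_status_env)"
echo "config file: $(yeti_secret_status_in_file "$sample")"
rm -f "$sample"
```

Anything other than `ok` for the running service's environment (see `ps eww -C yeti` above) means the deployment still needs a new secret and a restart.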
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in yeti-platform allows attackers to generate valid JWT tokens if the default secret is not changed, potentially enabling unauthorized access.
Such unauthorized access could lead to exposure or misuse of sensitive data, which may impact compliance with data protection regulations like GDPR and HIPAA that require strict access controls and protection of personal or health information.
However, the provided information does not explicitly detail the direct effects on compliance with these standards.