FortiDevSec
FortiDevSec is an application security testing product that offers a comprehensive SaaS based continuous application testing for software Developers and DevOps, without the need for any security expertise
smallavarapu, Staff
Article Id 343402
Description
This article describes detection of the GeoServer RCE vulnerability (CVE-2024-36401) with FortiDevSec.

CVE-2024-36401 is a critical vulnerability affecting GeoServer versions earlier than 2.23.6, 2.24.4, and 2.25.2. It allows unauthenticated users to execute arbitrary code on a default GeoServer installation by sending specially crafted input. The issue stems from the unsafe evaluation of property names as XPath expressions, caused by a flaw in the API of the GeoTools library on which GeoServer depends.
Scope
FortiDevSec SCA scanner, updated in version 24.2.
Solution

Detection of this vulnerability is provided by the FortiDevSec Software Composition Analysis (SCA) scanner.
By identifying the open-source dependencies in the application codebase, the SCA scanner lets FortiDevSec determine with a high level of confidence whether the application is exposed to a specific vulnerability.
The SCA scanner is enabled by default. Once a scan of an application has completed, the results appear under the Software Composition Analysis tab.
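To illustrate the kind of check an SCA scanner performs for this advisory, the following is an added example written for this article; it is not FortiDevSec code and does not reflect how the product's scanner is implemented. It reads a Maven pom.xml (the sample below is constructed) and compares each GeoServer dependency version against the fixed releases named above (2.23.6, 2.24.4 and 2.25.2). Two assumptions are made: that GeoServer artifacts are published under the Maven groupId org.geoserver, and that each fixed release closes its own minor branch (2.23.x, 2.24.x, 2.25.x), so that versions on older branches have no fixed release and versions on newer branches already carry the fix.

```python
"""Minimal SCA-style check for CVE-2024-36401 in GeoServer dependencies.

Added example, not FortiDevSec code. The pom.xml below is a constructed sample.
"""
import re
import xml.etree.ElementTree as ET

CVE_ID = "CVE-2024-36401"

# Fixed releases from the advisory, keyed by (major, minor) branch.
# Assumption: each fixed release closes only its own minor branch.
FIXED_BY_BRANCH = {(2, 23): (2, 23, 6), (2, 24): (2, 24, 4), (2, 25): (2, 25, 2)}

# Assumption: GeoServer artifacts are published under this Maven groupId.
GEOSERVER_GROUP = "org.geoserver"

MAVEN_NS = {"m": "http://maven.apache.org/POM/4.0.0"}

# Constructed sample manifest: one affected GeoServer artifact, one fixed
# GeoServer artifact, and one unrelated dependency that must be ignored.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <dependencies>
    <dependency>
      <groupId>org.geoserver</groupId>
      <artifactId>gs-main</artifactId>
      <version>2.24.3</version>
    </dependency>
    <dependency>
      <groupId>org.geoserver</groupId>
      <artifactId>gs-wfs</artifactId>
      <version>2.25.2</version>
    </dependency>
    <dependency>
      <groupId>org.postgresql</groupId>
      <artifactId>postgresql</artifactId>
      <version>42.7.3</version>
    </dependency>
  </dependencies>
</project>
"""


def parse_version(text):
    """Turn '2.24.3' or '2.24.3-SNAPSHOT' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def fixed_version_for(version):
    """Return the fixed release on this version's branch as a string, or None if the
    branch never received a fixed release (older than 2.23) or is newer than 2.25."""
    branch = parse_version(version)[:2]
    fixed = FIXED_BY_BRANCH.get(branch)
    return ".".join(str(n) for n in fixed) if fixed else None


def is_affected(version):
    """True if a GeoServer version is affected by CVE-2024-36401 under the
    branch assumption stated in the module docstring."""
    v = parse_version(version)
    branch = v[:2]
    if branch in FIXED_BY_BRANCH:
        return v < FIXED_BY_BRANCH[branch]
    # No entry for this branch: older branches never got a fix (affected);
    # branches newer than the newest fixed one are assumed to carry the fix.
    return branch < max(FIXED_BY_BRANCH)


def scan_pom(pom_xml):
    """Return one finding per GeoServer dependency declared in a pom.xml string."""
    root = ET.fromstring(pom_xml)
    findings = []
    for dep in root.iterfind(".//m:dependency", MAVEN_NS):
        group = dep.findtext("m:groupId", default="", namespaces=MAVEN_NS)
        artifact = dep.findtext("m:artifactId", default="", namespaces=MAVEN_NS)
        version = dep.findtext("m:version", default="", namespaces=MAVEN_NS)
        if group != GEOSERVER_GROUP or not version:
            continue  # not a GeoServer artifact, or version inherited from elsewhere
        findings.append({
            "cve": CVE_ID,
            "artifact": artifact,
            "version": version,
            "affected": is_affected(version),
            "fixed_in": fixed_version_for(version),
        })
    return findings


if __name__ == "__main__":
    for f in scan_pom(SAMPLE_POM):
        status = "AFFECTED" if f["affected"] else "ok"
        print(f"{f['cve']} {f['artifact']} {f['version']}: {status} (fixed in {f['fixed_in']})")
```

Versions declared through a parent POM or a property such as `${geoserver.version}` are skipped here rather than resolved, which is exactly the gap a full SCA scanner closes by building the resolved dependency tree instead of reading the manifest text.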

A step-by-step guide on how to scan an application is available in the user guide.

For more details on mitigating this vulnerability with Fortinet products, refer to https://www.fortiguard.com/outbreak-alert/geoserver-rce