Introduction

Altair GraphQL Client is a popular application used to test and debug GraphQL servers across multiple platforms. However, versions earlier than 8..5 contain a critical security vulnerability (identified as CVE-2024-54147) that exposes users to man-in-the-middle attacks whenever they are on an untrusted network, such as public WiFi, or are served by a compromised DNS resolver. This article discusses the details of the vulnerability, its consequences, and the steps needed to address it.

Vulnerability Details

Prior to version 8..5, the Altair GraphQL Client desktop application does not validate HTTPS certificates. Consequently, an attacker positioned on the network path can intercept every request sent by the desktop application and read or modify sensitive data, including GraphQL request and response headers and bodies (and any authorization tokens they carry), and can gain access to the user's Altair GraphQL Cloud account.

Moreover, the attacker can replace the payment checkout pages with malicious websites, potentially resulting in unauthorized transactions and financial loss.

Here is a code snippet illustrating the lack of HTTPS certificate validation in an affected version of the Altair GraphQL Client:

const https = require('https');
const { ApolloClient, InMemoryCache, createHttpLink } = require('@apollo/client/core');

// Agent options as shipped in the affected version: no CA material is configured
const httpsOptions = {
    // No 'ca', 'cert', or 'key' properties
};

const httpsAgent = new https.Agent(httpsOptions);

const client = new ApolloClient({
    link: createHttpLink({
        uri: 'https://path.to/your/graphql/api/endpoint',
        agent: httpsAgent,
    }),
    cache: new InMemoryCache(),
});

Mitigation and Remediation

Altair has addressed this vulnerability in version 8..5. Users should update their Altair GraphQL Client application immediately to protect themselves from man-in-the-middle attacks. Here is an example of how the updated snippet looks in version 8..5, with the CA and client certificate material configured so that HTTPS certificates are validated:

const fs = require('fs');
const https = require('https');
const { ApolloClient, InMemoryCache, createHttpLink } = require('@apollo/client/core');

// Trust anchor and client credentials loaded from disk and handed to the agent
const httpsOptions = {
    ca: fs.readFileSync('path/to/your/ca.pem'),     // CA used to verify the server chain
    cert: fs.readFileSync('path/to/your/cert.pem'), // client certificate, if the server requires one
    key: fs.readFileSync('path/to/your/key.pem'),   // private key matching 'cert'
};

const httpsAgent = new https.Agent(httpsOptions);

const client = new ApolloClient({
    link: createHttpLink({
        uri: 'https://path.to/your/graphql/api/endpoint',
        agent: httpsAgent,
    }),
    cache: new InMemoryCache(),
});

Users should also be cautious when connecting to untrusted networks and avoid using public WiFi or potentially compromised DNS servers whenever possible. Additionally, they should monitor their Altair GraphQL Cloud accounts and online transactions for any suspicious activity.

Conclusion

Altair has acknowledged and resolved the security vulnerability (CVE-2024-54147) in its GraphQL Client desktop application with the release of version 8..5. Updating to this version is critical to protect users from man-in-the-middle attacks and to prevent the exposure of sensitive information and unauthorized transactions. By using trusted networks and keeping the Altair GraphQL Client up to date, users can continue to benefit from its features while safeguarding their data.

For additional information and to download the latest version of the Altair GraphQL Client, visit the official website at https://altair.sirmuel.design/ and refer to the GitHub repository for the complete change log and documentation.

Timeline

Published on: 12/09/2024 19:15:14 UTC