
CVE-2022-29237: CWE-287: Improper Authentication in opencast opencast

Medium
Published: Tue May 24 2022 (05/24/2022, 14:40:11 UTC)
Source: CVE
Vendor/Project: opencast
Product: opencast

Description

Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassing organizational barriers. Attackers must have full access to Opencast's ingest REST interface, and also know internal links to resources in another organization of the same Opencast cluster. Users who do not run a multi-tenant cluster are not affected by this issue. This issue is fixed in Opencast 10.14 and 11.7.

AI-Powered Analysis

Last updated: 06/23/2025, 08:05:13 UTC

Technical Analysis

CVE-2022-29237 is an authentication bypass vulnerability affecting Opencast, an open-source platform designed for automated video capture and distribution at scale. The vulnerability exists in versions prior to 10.14 and between 11.0 and 11.7, specifically in multi-tenant Opencast clusters. The issue arises because the system improperly validates user permissions when importing media files via URLs. An attacker with full access to the Opencast ingest REST interface can supply URLs referencing media files belonging to other organizations within the same Opencast cluster. Due to insufficient authentication checks, Opencast imports these files into the attacker's organization, effectively bypassing organizational boundaries and access controls. This flaw is categorized under CWE-287 (Improper Authentication), indicating that the system fails to properly verify user credentials or permissions before allowing access to resources. Notably, single-tenant deployments are not affected, as the vulnerability depends on the presence of multiple organizations sharing the same cluster. No known exploits have been reported in the wild, and the issue was publicly disclosed in May 2022. The vulnerability was addressed in Opencast versions 10.14 and 11.7 by strengthening authentication and authorization checks on the ingest REST interface to ensure that users cannot import files from organizations other than their own. The attack requires the adversary to have full access to the ingest REST interface and knowledge of internal resource URLs, which suggests that the threat is more relevant in scenarios where the ingest interface is exposed or compromised. Overall, this vulnerability allows unauthorized data access and potential data leakage across organizational boundaries within multi-tenant Opencast deployments, undermining confidentiality and organizational data isolation.

Potential Impact

For European organizations using multi-tenant Opencast clusters, this vulnerability poses a significant risk to data confidentiality and organizational data segregation. Unauthorized users could import and access video content belonging to other organizations, potentially exposing sensitive or proprietary media assets. This could lead to intellectual property theft, privacy violations, or compliance breaches, especially under stringent European data protection regulations such as GDPR. The integrity of organizational boundaries within the platform is compromised, which may also undermine trust in the platform's security. While the vulnerability does not directly affect availability, the unauthorized data access could facilitate further attacks or data exfiltration. Organizations relying on Opencast for educational, governmental, or corporate video distribution may face reputational damage and legal consequences if sensitive content is exposed. The requirement for full access to the ingest REST interface limits the attack surface but does not eliminate risk, particularly if internal users or compromised credentials are involved. Since the vulnerability affects only multi-tenant clusters, organizations operating single-tenant instances are not impacted. However, multi-tenant deployments are common in larger institutions or service providers, making this a relevant concern for European universities, public broadcasters, and media service providers.

Mitigation Recommendations

1. Upgrade all Opencast deployments to version 10.14 or later, or 11.7 or later, as these versions contain the official patch addressing this vulnerability.
2. Restrict access to the ingest REST interface strictly to trusted users and systems using network segmentation, firewall rules, and VPNs to minimize exposure.
3. Implement strong authentication and authorization controls on the ingest interface, including multi-factor authentication (MFA) where possible, to prevent unauthorized access.
4. Audit and monitor ingest interface access logs for unusual activity or attempts to import media from other organizations.
5. For organizations unable to upgrade immediately, consider disabling multi-tenancy features or isolating organizations into separate clusters to prevent cross-organization access.
6. Educate internal users about the risks of sharing internal resource URLs and enforce strict URL management policies.
7. Conduct regular security assessments and penetration testing focused on REST API endpoints to detect similar authentication weaknesses.
8. Review and harden internal URL generation and validation mechanisms to ensure URLs cannot be manipulated to access unauthorized resources.
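As an added illustration of recommendations 4 and 8 (not code from Opencast or its fix), the following Python check ties an ingest URL to the requesting organization's own hosts, so a URL pointing at another tenant in the same cluster is rejected and can be logged. The ORG_HOSTS mapping, the organization names and the function names are constructed for this example.

```python
from urllib.parse import urlsplit

# Constructed example data: each organization (tenant) owns a set of hostnames.
# Hypothetical mapping, not Opencast's real organization configuration.
ORG_HOSTS = {
    "org-a": {"media.org-a.example", "admin.org-a.example"},
    "org-b": {"media.org-b.example"},
}


def ingest_url_allowed(url: str, requesting_org: str) -> bool:
    """Return True only if the URL's host belongs to the organization making
    the ingest request. Checking tenant ownership (rather than only "is this
    host part of our cluster") is what closes the CWE-287 gap described above."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False  # malformed URL (e.g. unbalanced IPv6 brackets)
    if parts.scheme.lower() not in ("http", "https"):
        return False  # reject file://, ftp:// and other schemes outright
    # .hostname strips userinfo ("user@") and the port and lowercases the name,
    # so "https://media.org-a.example@media.org-b.example/x" resolves to org-b.
    host = parts.hostname
    if not host:
        return False
    return host in ORG_HOSTS.get(requesting_org, set())


def filter_ingest_urls(urls, requesting_org):
    """Split candidate URLs into (accepted, rejected). Rejected entries are the
    cross-organization attempts an ingest audit log should record."""
    accepted, rejected = [], []
    for url in urls:
        (accepted if ingest_url_allowed(url, requesting_org) else rejected).append(url)
    return accepted, rejected
```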


Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2022-04-13T00:00:00.000Z
CISA Enriched: true

Threat ID: 682d9843c4522896dcbf3051

Added to database: 5/21/2025, 9:09:23 AM

Last enriched: 6/23/2025, 8:05:13 AM

Last updated: 8/12/2025, 7:29:24 AM
