CVE-2026-42858 Overview
CVE-2026-42858 is a Server-Side Request Forgery (SSRF) vulnerability in the Open edX Platform, an open-source learning management system for authoring and delivering online courses at scale. The flaw exists in the sync_provider_data endpoint within SAMLProviderDataViewSet, which accepts an arbitrary URL via the metadata_url POST parameter. The supplied URL is passed directly to requests.get() inside fetch_metadata_xml() without URL validation, IP filtering, or scheme enforcement. An authenticated Enterprise Admin can coerce the server into making HTTP requests to internal services, cloud metadata endpoints, or attacker-controlled destinations.
Critical Impact
Attackers with Enterprise Admin privileges can reach AWS instance metadata at 169.254.169.254 and exfiltrate cloud credentials, pivoting to full cloud account compromise.
Affected Products
- Open edX Platform (openedx/openedx-platform) prior to fix commits
- Deployments exposing the sync_provider_data endpoint in SAMLProviderDataViewSet
- Cloud-hosted Open edX instances running on AWS, Azure, or GCP with reachable metadata services
Discovery Timeline
- 2026-05-11 - CVE-2026-42858 published to NVD
- 2026-05-13 - Last updated in NVD database
Technical Details for CVE-2026-42858
Vulnerability Analysis
The vulnerability is classified as Server-Side Request Forgery [CWE-918]. The sync_provider_data endpoint in SAMLProviderDataViewSet accepts a metadata_url POST parameter from Enterprise Admin users. This parameter is forwarded to fetch_metadata_xml(), which invokes requests.get() with no sanitization of the destination. An attacker submits a crafted URL pointing to internal infrastructure, and the Open edX server issues the HTTP request from its own network position. Responses, errors, or timing differences can expose internal service banners, configuration data, and cloud Identity and Access Management (IAM) credentials retrieved from instance metadata endpoints.
Root Cause
The root cause is missing input validation on a user-supplied URL before it is consumed by an outbound HTTP client. The original code path lacked scheme enforcement, hostname allowlisting, and IP address filtering for private, loopback, and link-local ranges. The fix introduces a validate_saml_metadata_url helper and a new SAMLMetadataURLError exception that parse the URL with urlparse, resolve hostnames, and reject addresses in restricted ranges using the ipaddress module.
Attack Vector
Exploitation requires authenticated access with Enterprise Admin privileges. The attacker submits a POST request to sync_provider_data with metadata_url set to a target such as http://169.254.169.254/latest/meta-data/iam/security-credentials/. The server fetches the URL and processes the response as SAML metadata, with error messages and side effects revealing internal state. The attack scope is changed because the SSRF reaches network resources outside the application's intended trust boundary.
# Patch: introduces SSRF validation in third_party_auth/utils.py
import datetime
import ipaddress
from urllib.parse import urlparse
from zoneinfo import ZoneInfo
import dateutil.parser
from django.conf import settings
from django.contrib.auth.models import User
from django.utils.timezone import now
from enterprise.models import EnterpriseCustomerIdentityProvider, EnterpriseCustomerUser
# Source: https://github.com/openedx/openedx-platform/commit/70a56246dd9c9df57c596e64bdd8a11b1d9da054
# Patch: imports validate_saml_metadata_url into tasks.py
from common.djangoapps.third_party_auth.models import SAMLConfiguration, SAMLProviderConfig
from common.djangoapps.third_party_auth.utils import (
MetadataParseError,
SAMLMetadataURLError,
create_or_update_bulk_saml_provider_data,
parse_metadata_xml,
validate_saml_metadata_url,
)
# Source: https://github.com/openedx/openedx-platform/commit/70a56246dd9c9df57c596e64bdd8a11b1d9da054
Detection Methods for CVE-2026-42858
Indicators of Compromise
- Outbound HTTP requests from the Open edX application server to RFC 1918 ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) that are not part of normal SAML traffic
- Requests originating from the Open edX server targeting 169.254.169.254 or other cloud metadata endpoints
- POST requests to sync_provider_data containing metadata_url values with non-public hostnames or raw IP addresses
- Application logs showing SSLError, HTTPError, or RequestException from fetch_metadata_xml() against unusual hosts
Detection Strategies
- Audit web access logs for calls to SAMLProviderDataViewSet.sync_provider_data and inspect the metadata_url parameter for internal IPs, loopback addresses, or non-HTTPS schemes
- Correlate Enterprise Admin authentication events with outbound network connections from the Open edX server to detect anomalous request destinations
- Deploy egress network monitoring that flags any application-server traffic to cloud metadata IPs or private ranges
Monitoring Recommendations
- Forward Open edX Django logs and reverse proxy access logs to a centralized analytics platform with retention sufficient to investigate retroactive abuse
- Alert on Enterprise Admin role assignments and configuration changes to SAML provider data
- Monitor IAM credential usage from cloud metadata services for unexpected source workloads or new API calls
How to Mitigate CVE-2026-42858
Immediate Actions Required
- Apply the upstream fixes in commits 6fda1f120ff5a590d120ae1180185525f399c6d0 and 70a56246dd9c9df57c596e64bdd8a11b1d9da054 from the openedx-platform repository
- Review and reduce the membership of the Enterprise Admin role to the minimum operationally required
- Rotate cloud IAM credentials accessible from the Open edX instance metadata endpoint if exploitation is suspected
- Audit recent SAML provider configuration changes for unauthorized metadata_url submissions
Patch Information
The vulnerability is fixed by two commits in the openedx-platform repository. See the GitHub Security Advisory GHSA-328g-7h4g-r2m9, the SSRF fix commit, and the supporting commit. The patch introduces validate_saml_metadata_url, the SAMLMetadataURLError exception, and the SAMLAMETADATA_URL_ALLOW_PRIVATE_IPS toggle that defaults to False.
Workarounds
- Enforce network-level egress filtering on the Open edX application server to block outbound traffic to RFC 1918 ranges, 127.0.0.0/8, and 169.254.0.0/16
- Use Instance Metadata Service Version 2 (IMDSv2) on AWS to require session tokens that SSRF requests cannot forge
- Restrict access to the sync_provider_data endpoint behind a VPN or IP allowlist until patches are applied
- Keep SAML_METADATA_URL_ALLOW_PRIVATE_IPS set to False after upgrading
# Apply the security patches to a local Open edX checkout
cd openedx-platform
git fetch origin
git cherry-pick 6fda1f120ff5a590d120ae1180185525f399c6d0
git cherry-pick 70a56246dd9c9df57c596e64bdd8a11b1d9da054
# Verify the toggle remains disabled in openedx/envs/common.py
grep -n 'SAML_METADATA_URL_ALLOW_PRIVATE_IPS' openedx/envs/common.py
# Expected: SAML_METADATA_URL_ALLOW_PRIVATE_IPS = False
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
