All the vulnerabilites related to zenml-io - zenml-io/zenml
cve-2024-2083
Vulnerability from cvelistv5
Published
2024-04-16 00:00
Modified
2024-08-01 19:03
Severity ?
EPSS score ?
Summary
A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.55.5 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenmlio", "versions": [ { "lessThan": "0.55.5", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-2083", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-26T15:29:15.912508Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-26T15:31:16.877Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:03:38.832Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/f24b2216-6a4b-42a1-becb-9b47e6cf117f" }, { "tags": [ "x_transferred" ], "url": "https://github.com/zenml-io/zenml/commit/00e934f33a243a554f5f65b80eefd5ea5117367b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.55.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the \u0027logs\u0027 URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-29", "description": "CWE-29 Path Traversal: \u0027\\..\\filename\u0027", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-16T11:10:47.009Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/f24b2216-6a4b-42a1-becb-9b47e6cf117f" }, { "url": "https://github.com/zenml-io/zenml/commit/00e934f33a243a554f5f65b80eefd5ea5117367b" } ], "source": { "advisory": "f24b2216-6a4b-42a1-becb-9b47e6cf117f", "discovery": "EXTERNAL" }, "title": "Directory Traversal in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-2083", "datePublished": "2024-04-16T00:00:15.637Z", "dateReserved": "2024-03-01T14:43:51.962Z", "dateUpdated": "2024-08-01T19:03:38.832Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-5062
Vulnerability from cvelistv5
Published
2024-06-30 15:14
Modified
2024-08-01 21:03
Severity ?
EPSS score ?
Summary
A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a specified URL after completing a survey, without proper validation of the 'redirect' parameter. Consequently, an attacker can execute arbitrary JavaScript code in the context of the user's browser session. This vulnerability could be exploited to steal cookies, potentially leading to account takeover.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.58.0 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenmlio", "versions": [ { "lessThan": "0.58.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-5062", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-30T19:47:16.786045Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-30T19:49:38.322Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:03:10.618Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/ceddd3c1-a9da-4d6c-85c4-41d4d1e1102f" }, { "tags": [ "x_transferred" ], "url": "https://github.com/zenml-io/zenml/commit/21edd863c0ba53c1110b6f018a07c2d6853cf6d4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.58.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a specified URL after completing a survey, without proper validation of the \u0027redirect\u0027 parameter. Consequently, an attacker can execute arbitrary JavaScript code in the context of the user\u0027s browser session. This vulnerability could be exploited to steal cookies, potentially leading to account takeover." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-30T15:14:25.313Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/ceddd3c1-a9da-4d6c-85c4-41d4d1e1102f" }, { "url": "https://github.com/zenml-io/zenml/commit/21edd863c0ba53c1110b6f018a07c2d6853cf6d4" } ], "source": { "advisory": "ceddd3c1-a9da-4d6c-85c4-41d4d1e1102f", "discovery": "EXTERNAL" }, "title": "Reflected XSS through survey redirect parameter in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-5062", "datePublished": "2024-06-30T15:14:25.313Z", "dateReserved": "2024-05-17T12:00:48.633Z", "dateUpdated": "2024-08-01T21:03:10.618Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2260
Vulnerability from cvelistv5
Published
2024-04-16 00:00
Modified
2024-08-01 19:03
Severity ?
EPSS score ?
Summary
A session fixation vulnerability exists in the zenml-io/zenml application, where JWT tokens used for user authentication are not invalidated upon logout. This flaw allows an attacker to bypass authentication mechanisms by reusing a victim's JWT token.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.56.2 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenmlio", "versions": [ { "lessThan": "0.56.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-2260", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-03T17:33:53.794175Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-03T21:04:22.816Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:03:39.351Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167" }, { "tags": [ "x_transferred" ], "url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.56.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A session fixation vulnerability exists in the zenml-io/zenml application, where JWT tokens used for user authentication are not invalidated upon logout. This flaw allows an attacker to bypass authentication mechanisms by reusing a victim\u0027s JWT token." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-384", "description": "CWE-384 Session Fixation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-16T11:10:45.359Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/2d0856ec-ed73-477a-8ea2-d5d4f15cf167" }, { "url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e" } ], "source": { "advisory": "2d0856ec-ed73-477a-8ea2-d5d4f15cf167", "discovery": "EXTERNAL" }, "title": "Session Fixation Vulnerability in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-2260", "datePublished": "2024-04-16T00:00:14.951Z", "dateReserved": "2024-03-07T11:52:54.353Z", "dateUpdated": "2024-08-01T19:03:39.351Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-4311
Vulnerability from cvelistv5
Published
2024-11-14 17:35
Modified
2024-11-18 15:40
Severity ?
EPSS score ?
Summary
zenml-io/zenml version 0.56.4 is vulnerable to an account takeover due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the 'Update Password' function, allowing them to take over the user's account. This vulnerability is due to the absence of rate-limiting on the '/api/v1/current-user' endpoint, which does not restrict the number of attempts an attacker can make to guess the current password. Successful exploitation results in the attacker being able to change the password and take control of the account.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.57.0 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "zenml", "vendor": "zenmlio", "versions": [ { "lessThan": "0.57.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-4311", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-18T15:37:57.587318Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-18T15:40:16.154Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.57.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "zenml-io/zenml version 0.56.4 is vulnerable to an account takeover due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the \u0027Update Password\u0027 function, allowing them to take over the user\u0027s account. This vulnerability is due to the absence of rate-limiting on the \u0027/api/v1/current-user\u0027 endpoint, which does not restrict the number of attempts an attacker can make to guess the current password. Successful exploitation results in the attacker being able to change the password and take control of the account." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-14T17:35:53.703Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/d5517e1a-6b94-4e38-aad6-3aa65f98bec2" }, { "url": "https://github.com/zenml-io/zenml/commit/87a6c2c8f45b49ea83fbb5fe8fff7ab5365a60c9" } ], "source": { "advisory": "d5517e1a-6b94-4e38-aad6-3aa65f98bec2", "discovery": "EXTERNAL" }, "title": "Lack of login attempt rate-limiting in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-4311", "datePublished": "2024-11-14T17:35:53.703Z", "dateReserved": "2024-04-29T10:35:32.401Z", "dateUpdated": "2024-11-18T15:40:16.154Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-4680
Vulnerability from cvelistv5
Published
2024-06-08 19:38
Modified
2024-08-01 20:47
Severity ?
EPSS score ?
Summary
A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the victim's ability to revoke this access. This issue was observed in a self-hosted ZenML deployment via Docker, where after changing the password from one browser, the session remained active and usable in another browser without requiring re-authentication.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenmlio:zenml:0.56.3:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenmlio", "versions": [ { "status": "affected", "version": "0.56.3" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-4680", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-26T20:06:48.632801Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-02T19:48:27.856Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:47:41.348Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/c88f6bd2-490d-4930-98dd-03651b20230a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThanOrEqual": "latest", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the victim\u0027s ability to revoke this access. This issue was observed in a self-hosted ZenML deployment via Docker, where after changing the password from one browser, the session remained active and usable in another browser without requiring re-authentication." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-613", "description": "CWE-613 Insufficient Session Expiration", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-08T19:38:31.250Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/c88f6bd2-490d-4930-98dd-03651b20230a" } ], "source": { "advisory": "c88f6bd2-490d-4930-98dd-03651b20230a", "discovery": "EXTERNAL" }, "title": "Insufficient Session Expiration in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-4680", "datePublished": "2024-06-08T19:38:31.250Z", "dateReserved": "2024-05-09T08:03:08.973Z", "dateUpdated": "2024-08-01T20:47:41.348Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-4460
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-07-17T11:09:48.895Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "rejectedReasons": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-4460", "datePublished": "2024-06-24T06:58:10.591Z", "dateRejected": "2024-07-17T11:09:48.895Z", "dateReserved": "2024-05-03T07:02:30.582Z", "dateUpdated": "2024-07-17T11:09:48.895Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2035
Vulnerability from cvelistv5
Published
2024-06-06 18:25
Modified
2024-08-01 18:56
Severity ?
EPSS score ?
Summary
An improper authorization vulnerability exists in the zenml-io/zenml repository, specifically within the API PUT /api/v1/users/id endpoint. This vulnerability allows any authenticated user to modify the information of other users, including changing the `active` status of user accounts to false, effectively deactivating them. This issue affects version 0.55.3 and was fixed in version 0.56.2. The impact of this vulnerability is significant as it allows for the deactivation of admin accounts, potentially disrupting the functionality and security of the application.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.56.2 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenmlio", "versions": [ { "lessThan": "0.56.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-2035", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-07T12:34:04.626083Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-26T19:36:31.079Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:56:22.835Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/1cfc6493-082e-4229-9f2f-496801a6557c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/zenml-io/zenml/commit/b95f083efffa56831cd41d8ed536aeb0b6038fa3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.56.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "An improper authorization vulnerability exists in the zenml-io/zenml repository, specifically within the API PUT /api/v1/users/id endpoint. This vulnerability allows any authenticated user to modify the information of other users, including changing the `active` status of user accounts to false, effectively deactivating them. This issue affects version 0.55.3 and was fixed in version 0.56.2. The impact of this vulnerability is significant as it allows for the deactivation of admin accounts, potentially disrupting the functionality and security of the application." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1220", "description": "CWE-1220 Insufficient Granularity of Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T18:25:00.141Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/1cfc6493-082e-4229-9f2f-496801a6557c" }, { "url": "https://github.com/zenml-io/zenml/commit/b95f083efffa56831cd41d8ed536aeb0b6038fa3" } ], "source": { "advisory": "1cfc6493-082e-4229-9f2f-496801a6557c", "discovery": "EXTERNAL" }, "title": "Improper Authorization in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-2035", "datePublished": "2024-06-06T18:25:00.141Z", "dateReserved": "2024-02-29T19:50:35.229Z", "dateUpdated": "2024-08-01T18:56:22.835Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2171
Vulnerability from cvelistv5
Published
2024-06-06 18:22
Modified
2024-08-09 18:41
Severity ?
EPSS score ?
Summary
A stored Cross-Site Scripting (XSS) vulnerability was identified in the zenml-io/zenml repository, specifically within the 'logo_url' field. By injecting malicious payloads into this field, an attacker could send harmful messages to other users, potentially compromising their accounts. The vulnerability affects version 0.55.3 and was fixed in version 0.56.2. The impact of exploiting this vulnerability could lead to user account compromise.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.56.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T19:03:38.961Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/cee06a28-7e3b-460b-b504-69add838ebe8" }, { "tags": [ "x_transferred" ], "url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenmlio", "versions": [ { "lessThan": "0.56.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-2171", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-09T18:40:13.689204Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-09T18:41:46.790Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.56.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A stored Cross-Site Scripting (XSS) vulnerability was identified in the zenml-io/zenml repository, specifically within the \u0027logo_url\u0027 field. By injecting malicious payloads into this field, an attacker could send harmful messages to other users, potentially compromising their accounts. The vulnerability affects version 0.55.3 and was fixed in version 0.56.2. The impact of exploiting this vulnerability could lead to user account compromise." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T18:22:31.301Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/cee06a28-7e3b-460b-b504-69add838ebe8" }, { "url": "https://github.com/zenml-io/zenml/commit/68bcb3ba60cba9729c9713a49c39502d40fb945e" } ], "source": { "advisory": "cee06a28-7e3b-460b-b504-69add838ebe8", "discovery": "EXTERNAL" }, "title": "Stored XSS in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-2171", "datePublished": "2024-06-06T18:22:31.301Z", "dateReserved": "2024-03-04T18:18:33.263Z", "dateUpdated": "2024-08-09T18:41:46.790Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2032
Vulnerability from cvelistv5
Published
2024-06-06 18:49
Modified
2024-08-01 18:56
Severity ?
EPSS score ?
Summary
A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55.3, which allows for the creation of multiple users with the same username when requests are sent in parallel. This issue was fixed in version 0.55.5. The vulnerability arises due to insufficient handling of concurrent user creation requests, leading to data inconsistencies and potential authentication problems. Specifically, concurrent processes may overwrite or corrupt user data, complicating user identification and posing security risks. This issue is particularly concerning for APIs that rely on usernames as input parameters, such as PUT /api/v1/users/test_race, where it could lead to further complications.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.55.5 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenml-io:zenml:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.55.5", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-2032", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-07T18:33:05.512380Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-07T18:37:49.337Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:56:22.635Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/6199cd5d-611f-4ea9-96c5-52a952ba5a56" }, { "tags": [ "x_transferred" ], "url": "https://github.com/zenml-io/zenml/commit/afcaf741ef9114c9b32f722f101b97de3d8d147b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.55.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55.3, which allows for the creation of multiple users with the same username when requests are sent in parallel. This issue was fixed in version 0.55.5. The vulnerability arises due to insufficient handling of concurrent user creation requests, leading to data inconsistencies and potential authentication problems. Specifically, concurrent processes may overwrite or corrupt user data, complicating user identification and posing security risks. This issue is particularly concerning for APIs that rely on usernames as input parameters, such as PUT /api/v1/users/test_race, where it could lead to further complications." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-366", "description": "CWE-366 Race Condition within a Thread", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T18:49:18.482Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/6199cd5d-611f-4ea9-96c5-52a952ba5a56" }, { "url": "https://github.com/zenml-io/zenml/commit/afcaf741ef9114c9b32f722f101b97de3d8d147b" } ], "source": { "advisory": "6199cd5d-611f-4ea9-96c5-52a952ba5a56", "discovery": "EXTERNAL" }, "title": "Race Condition Vulnerability in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-2032", "datePublished": "2024-06-06T18:49:18.482Z", "dateReserved": "2024-02-29T19:13:02.247Z", "dateUpdated": "2024-08-01T18:56:22.635Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2383
Vulnerability from cvelistv5
Published
2024-06-06 18:18
Modified
2024-08-01 19:11
Severity ?
EPSS score ?
Summary
A clickjacking vulnerability exists in zenml-io/zenml versions up to and including 0.55.5 due to the application's failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. This vulnerability allows an attacker to embed the application UI within an iframe on a malicious page, potentially leading to unauthorized actions by tricking users into interacting with the interface under the attacker's control. The issue was addressed in version 0.56.3.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.56.3 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenml-io:zenml:0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenml-io", "versions": [ { "lessThanOrEqual": "0.55.5", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-2383", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-07T19:37:36.489628Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-07T19:39:30.275Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:11:53.449Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/22d26f5a-c0ae-4344-aa7d-08ff5ada3963" }, { "tags": [ "x_transferred" ], "url": "https://github.com/zenml-io/zenml/commit/f863fde1269bc355951f8cfc826c0244d88ad5e9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.56.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A clickjacking vulnerability exists in zenml-io/zenml versions up to and including 0.55.5 due to the application\u0027s failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. This vulnerability allows an attacker to embed the application UI within an iframe on a malicious page, potentially leading to unauthorized actions by tricking users into interacting with the interface under the attacker\u0027s control. The issue was addressed in version 0.56.3." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1021", "description": "CWE-1021 Improper Restriction of Rendered UI Layers or Frames", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T18:18:29.911Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/22d26f5a-c0ae-4344-aa7d-08ff5ada3963" }, { "url": "https://github.com/zenml-io/zenml/commit/f863fde1269bc355951f8cfc826c0244d88ad5e9" } ], "source": { "advisory": "22d26f5a-c0ae-4344-aa7d-08ff5ada3963", "discovery": "EXTERNAL" }, "title": "Clickjacking Vulnerability in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-2383", "datePublished": "2024-06-06T18:18:29.911Z", "dateReserved": "2024-03-11T16:19:50.424Z", "dateUpdated": "2024-08-01T19:11:53.449Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2213
Vulnerability from cvelistv5
Published
2024-06-06 18:19
Modified
2024-08-01 19:03
Severity ?
EPSS score ?
Summary
An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized account takeover by bypassing the standard password change verification process. The issue was fixed in version 0.56.3.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | zenml-io | zenml-io/zenml |
Version: unspecified < 0.56.3 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:zenmlio:zenml:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "zenml", "vendor": "zenmlio", "versions": [ { "lessThan": "0.56.3", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-2213", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-07T12:48:37.724985Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-26T19:36:34.840Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:03:39.114Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.com/bounties/8f5534ac-fd08-4b8b-8c2e-35949aa36e48" }, { "tags": [ "x_transferred" ], "url": "https://github.com/zenml-io/zenml/commit/58cb3d987372c91eb605853c35325701733337c2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zenml-io/zenml", "vendor": "zenml-io", "versions": [ { "lessThan": "0.56.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized account takeover by bypassing the standard password change verification process. The issue was fixed in version 0.56.3." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T18:19:26.553Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/8f5534ac-fd08-4b8b-8c2e-35949aa36e48" }, { "url": "https://github.com/zenml-io/zenml/commit/58cb3d987372c91eb605853c35325701733337c2" } ], "source": { "advisory": "8f5534ac-fd08-4b8b-8c2e-35949aa36e48", "discovery": "EXTERNAL" }, "title": "Improper Authentication in zenml-io/zenml" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-2213", "datePublished": "2024-06-06T18:19:26.553Z", "dateReserved": "2024-03-06T08:29:15.083Z", "dateUpdated": "2024-08-01T19:03:39.114Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }