cnvd - cnvd-2023-06077

CNVD-2023-06077

Vulnerability from cnvd - Published: 2023-02-02

Title

Autolab操作系统命令注入漏洞

Description

Autolab是一项课程管理服务。支持自动评分的编程作业。 Autolab存在操作系统命令注入漏洞。攻击者可利用该漏洞在托管Autolab服务器上执行代码。

Severity

高

Patch Name

Autolab操作系统命令注入漏洞的补丁

Patch Description

Autolab是一项课程管理服务。支持自动评分的编程作业。 Autolab存在操作系统命令注入漏洞。攻击者可利用该漏洞在托管Autolab服务器上执行代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/autolab/Autolab/security/advisories/GHSA-x5r3-vf3p-3269

Reference

https://cxsecurity.com/cveshow/CVE-2022-41955/

Impacted products

Name
Autolab Autolab >=2.0.2，<2.10.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-41955"
    }
  },
  "description": "Autolab\u662f\u4e00\u9879\u8bfe\u7a0b\u7ba1\u7406\u670d\u52a1\u3002\u652f\u6301\u81ea\u52a8\u8bc4\u5206\u7684\u7f16\u7a0b\u4f5c\u4e1a\u3002\n\nAutolab\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u6258\u7ba1Autolab\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/autolab/Autolab/security/advisories/GHSA-x5r3-vf3p-3269",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-06077",
  "openTime": "2023-02-02",
  "patchDescription": "Autolab\u662f\u4e00\u9879\u8bfe\u7a0b\u7ba1\u7406\u670d\u52a1\u3002\u652f\u6301\u81ea\u52a8\u8bc4\u5206\u7684\u7f16\u7a0b\u4f5c\u4e1a\u3002\r\n\r\nAutolab\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u6258\u7ba1Autolab\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4ee3\u7801\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Autolab\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Autolab Autolab \u003e=2.0.2\uff0c\u003c2.10.0"
  },
  "referenceLink": "https://cxsecurity.com/cveshow/CVE-2022-41955/",
  "serverity": "\u9ad8",
  "submitTime": "2023-01-17",
  "title": "Autolab\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2022-41955 (GCVE-0-2022-41955)

Vulnerability from cvelistv5 – Published: 2023-01-14 00:09 – Updated: 2024-08-03 12:56

Title

Autolab is vulnerable to remote code execution (RCE) via MOSS functionality

Summary

Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A remote code execution vulnerability was discovered in Autolab's MOSS functionality, whereby an instructor with access to the feature might be able to execute code on the server hosting Autolab. This vulnerability has been patched in version 2.10.0. As a workaround, disable the MOSS feature if it is unneeded by replacing the body of `run_moss` in `app/controllers/courses_controller.rb` with `render(plain: "Feature disabled", status: :bad_request) && return`.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/autolab/Autolab/security/advis…	x_refsource_CONFIRM
	https://securitylab.github.com/advisories/GHSL-20…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	autolab	Autolab	Affected: >= 2.0.1, <= 2.9.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:56:38.649Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/autolab/Autolab/security/advisories/GHSA-x5r3-vf3p-3269",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/autolab/Autolab/security/advisories/GHSA-x5r3-vf3p-3269"
          },
          {
            "name": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Autolab",
          "vendor": "autolab",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.0.1, \u003c= 2.9.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A remote code execution vulnerability was discovered in Autolab\u0027s MOSS functionality, whereby an instructor with access to the feature might be able to execute code on the server hosting Autolab. This vulnerability has been patched in version 2.10.0. As a workaround, disable the MOSS feature if it is unneeded by replacing the body of `run_moss` in `app/controllers/courses_controller.rb` with `render(plain: \"Feature disabled\", status: :bad_request) \u0026\u0026 return`."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-11T18:24:33.078Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/autolab/Autolab/security/advisories/GHSA-x5r3-vf3p-3269",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/autolab/Autolab/security/advisories/GHSA-x5r3-vf3p-3269"
        },
        {
          "name": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/"
        }
      ],
      "source": {
        "advisory": "GHSA-x5r3-vf3p-3269",
        "discovery": "UNKNOWN"
      },
      "title": "Autolab is vulnerable to remote code execution (RCE) via MOSS functionality"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-41955",
    "datePublished": "2023-01-14T00:09:07.032Z",
    "dateReserved": "2022-09-30T16:38:28.945Z",
    "dateUpdated": "2024-08-03T12:56:38.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2023-06077

CVE-2022-41955 (GCVE-0-2022-41955)

Tags

Sightings

Nomenclature