CVE-2023-48023

Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://bishopfox.com/blog/ray-versions-2-6-3-2-8-0	Exploit Third Party Advisory
https://docs.ray.io/en/latest/ray-security/index.html	Product Release Notes

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:anyscale:ray:2.6.3:::::::*
	cpe:2.3:a:anyscale:ray:2.8.0:::::::*

History

04 Dec 2023, 18:30

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.1
CPE		cpe:2.3:a:anyscale:ray:2.8.0:::::::* cpe:2.3:a:anyscale:ray:2.6.3:::::::*
CWE		CWE-918
References	~~() https://bishopfox.com/blog/ray-versions-2-6-3-2-8-0 -~~	() https://bishopfox.com/blog/ray-versions-2-6-3-2-8-0 - Exploit, Third Party Advisory
References	~~() https://docs.ray.io/en/latest/ray-security/index.html -~~	() https://docs.ray.io/en/latest/ray-security/index.html - Product, Release Notes

28 Nov 2023, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-11-28 08:15

Updated : 2024-10-11 21:36

NVD link : CVE-2023-48023

Mitre link : CVE-2023-48023

CVE.ORG link : CVE-2023-48023

JSON object : View

Products Affected

anyscale

ray

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2023-48023", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2023-11-28T08:15:07.060", "references": [{"url": "https://bishopfox.com/blog/ray-versions-2-6-3-2-8-0", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://docs.ray.io/en/latest/ray-security/index.html", "tags": ["Product", "Release Notes"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-918"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment"}, {"lang": "es", "value": "Anyscale Ray 2.6.3 y 2.8.0 permite /log_proxy SSRF. NOTA: la posici\u00f3n del proveedor es que este informe es irrelevante porque Ray, como se indica en su documentaci\u00f3n, no est\u00e1 manipulado para su uso fuera de un entorno de red estrictamente controlado."}], "lastModified": "2024-10-11T21:36:14.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:anyscale:ray:2.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1083D908-E7F7-44BE-89CD-B760224C5585"}, {"criteria": "cpe:2.3:a:anyscale:ray:2.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE882370-6570-49E0-A11F-95D3FBCD4714"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}