CVE-2023-23930 - OpenCVE

vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that has known security issues. All users of vantage6 that post tasks with the default serialization are affected. Version 4.0.0 contains a patch. Users may specify JSON serialization as a workaround.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Vantage6	Vantage6

Configuration 1 [-]

cpe:2.3:a:vantage6:vantage6:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400	Release Notes
https://github.com/vantage6/vantage6/commit/e62f03bacf2247bd59eed217e2e7338c3a01a5f0	Patch
https://github.com/vantage6/vantage6/security/advisories/GHSA-5m22-cfq9-86x6	Vendor Advisory
https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9	Exploit Permissions Required Technical Description Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-11T17:39:23.504Z

Updated: 2023-10-11T18:50:53.413Z

Reserved: 2023-01-19T21:12:31.360Z

Link: CVE-2023-23930

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-11T18:15:10.037

Modified: 2023-10-13T21:27:29.790

Link: CVE-2023-23930

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-23930", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-01-19T21:12:31.360Z", "datePublished": "2023-10-11T17:39:23.504Z", "dateUpdated": "2023-10-11T18:50:53.413Z"}, "containers": {"cna": {"title": "vantage6's Pickle serialization is insecure", "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "lang": "en", "description": "CWE-502: Deserialization of Untrusted Data", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/vantage6/vantage6/security/advisories/GHSA-5m22-cfq9-86x6", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/vantage6/vantage6/security/advisories/GHSA-5m22-cfq9-86x6"}, {"name": "https://github.com/vantage6/vantage6/commit/e62f03bacf2247bd59eed217e2e7338c3a01a5f0", "tags": ["x_refsource_MISC"], "url": "https://github.com/vantage6/vantage6/commit/e62f03bacf2247bd59eed217e2e7338c3a01a5f0"}, {"name": "https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400", "tags": ["x_refsource_MISC"], "url": "https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400"}, {"name": "https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9", "tags": ["x_refsource_MISC"], "url": "https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9"}], "affected": [{"vendor": "vantage6", "product": "vantage6", "versions": [{"version": "< 4.0.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-10-11T18:50:53.413Z"}, "descriptions": [{"lang": "en", "value": "vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that has known security issues. All users of vantage6 that post tasks with the default serialization are affected. Version 4.0.0 contains a patch. Users may specify JSON serialization as a workaround."}], "source": {"advisory": "GHSA-5m22-cfq9-86x6", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vantage6:vantage6:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D0FAD5D-F686-426B-9539-38F6F036D97B", "versionEndExcluding": "4.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that has known security issues. All users of vantage6 that post tasks with the default serialization are affected. Version 4.0.0 contains a patch. Users may specify JSON serialization as a workaround."}, {"lang": "es", "value": "vantage6 es una infraestructura de aprendizaje federada que preserva la privacidad. Las versiones anteriores a la 4.0.0 usan pickle, que tiene problemas de seguridad conocidos, como m\u00f3dulo de serializaci\u00f3n predeterminado pero que tiene problemas de seguridad conocidos. Todos los usuarios de vantage6 que publican tareas con la serializaci\u00f3n predeterminada se ven afectados. La versi\u00f3n 4.0.0 contiene un parche. Los usuarios pueden especificar la serializaci\u00f3n JSON como workaround."}], "id": "CVE-2023-23930", "lastModified": "2023-10-13T21:27:29.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-10-11T18:15:10.037", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/vantage6/vantage6/commit/e62f03bacf2247bd59eed217e2e7338c3a01a5f0"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/vantage6/vantage6/security/advisories/GHSA-5m22-cfq9-86x6"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Permissions Required", "Technical Description", "Third Party Advisory"], "url": "https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "security-advisories@github.com", "type": "Primary"}]}