zenml-io zenml up to 0.56.x /api/v1/current-user allocation of resources

Summaryinfo

A vulnerability was found in zenml-io zenml up to 0.56.x. It has been classified as problematic. Impacted is an unknown function of the file /api/v1/current-user. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2024-4311. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

Detailsinfo

A vulnerability was found in zenml-io zenml up to 0.56.x. It has been rated as problematic. This issue affects an unknown code block of the file /api/v1/current-user. The manipulation with an unknown input leads to a allocation of resources vulnerability. Using CWE to declare the problem leads to CWE-770. The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor. Impacted is confidentiality, and availability. The summary by CVE is:

zenml-io/zenml version 0.56.4 is vulnerable to an account takeover due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the 'Update Password' function, allowing them to take over the user's account. This vulnerability is due to the absence of rate-limiting on the '/api/v1/current-user' endpoint, which does not restrict the number of attempts an attacker can make to guess the current password. Successful exploitation results in the attacker being able to change the password and take control of the account.

The advisory is shared at huntr.com. The identification of this vulnerability is CVE-2024-4311 since 04/29/2024. The exploitation is known to be difficult. The attack may be initiated remotely. It demands that the victim is doing some kind of user interaction. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1499 for this issue.

The vulnerability scanner Nessus provides a plugin with the ID 213484 (ZenML < 0.57.0 Password Reset Brute Force (CVE-2024-4311)), which helps to determine the existence of the flaw in a target environment.

Upgrading to version 0.57.0 eliminates this vulnerability. Applying the patch 87a6c2c8f45b49ea83fbb5fe8fff7ab5365a60c9 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

The vulnerability is also documented in the vulnerability database at Tenable (213484). If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Vendor

• zenml-io

Name

• zenml

Version

• 0.1
• 0.2
• 0.3
• 0.4
• 0.5
• 0.6
• 0.7
• 0.8
• 0.9
• 0.10
• 0.11
• 0.12
• 0.13
• 0.14
• 0.15
• 0.16
• 0.17
• 0.18
• 0.19
• 0.20
• 0.21
• 0.22
• 0.23
• 0.24
• 0.25
• 0.26
• 0.27
• 0.28
• 0.29
• 0.30
• 0.31
• 0.32
• 0.33
• 0.34
• 0.35
• 0.36
• 0.37
• 0.38
• 0.39
• 0.40
• 0.41
• 0.42
• 0.43
• 0.44
• 0.45
• 0.46
• 0.47
• 0.48
• 0.49
• 0.50
• 0.51
• 0.52
• 0.53
• 0.54
• 0.55
• 0.56

License

• open-source

Website

• Product: https://github.com/zenml-io/zenml/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion