Vulnerability-Lookup

CNVD-2024-46010

Vulnerability from cnvd - Published: 2024-11-26

Title

Polyaxon容器逃逸漏洞

Description

Polyaxon是一个开源平台，旨在简化机器学习和深度学习项目的生命周期管理。 Polyaxon存在容器逃逸漏洞，攻击者可利用该漏洞影响系统的机密性，可用性，完整性。目前暂无漏洞细节。

Severity

高

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://github.com/polyaxon/polyaxon

Reference

https://github.com/polyaxon/polyaxon

Impacted products

Name
Polyaxon Polyaxon

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-9363"
    }
  },
  "description": "Polyaxon\u662f\u4e00\u4e2a\u5f00\u6e90\u5e73\u53f0\uff0c\u65e8\u5728\u7b80\u5316\u673a\u5668\u5b66\u4e60\u548c\u6df1\u5ea6\u5b66\u4e60\u9879\u76ee\u7684\u751f\u547d\u5468\u671f\u7ba1\u7406\u3002\n\nPolyaxon\u5b58\u5728\u5bb9\u5668\u9003\u9038\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5f71\u54cd\u7cfb\u7edf\u7684\u673a\u5bc6\u6027\uff0c\u53ef\u7528\u6027\uff0c\u5b8c\u6574\u6027\u3002\u76ee\u524d\u6682\u65e0\u6f0f\u6d1e\u7ec6\u8282\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://github.com/polyaxon/polyaxon",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-46010",
  "openTime": "2024-11-26",
  "products": {
    "product": "Polyaxon Polyaxon"
  },
  "referenceLink": "https://github.com/polyaxon/polyaxon",
  "serverity": "\u9ad8",
  "submitTime": "2024-11-26",
  "title": "Polyaxon\u5bb9\u5668\u9003\u9038\u6f0f\u6d1e"
}

CVE-2024-9363 (GCVE-0-2024-9363)

Vulnerability from cvelistv5 – Published: 2025-03-20 10:09 – Updated: 2025-03-20 18:56

Title

Unauthorized File Deletion in polyaxon/polyaxon

Summary

An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform, which can lead to denial of service by terminating critical containers. An attacker can delete important files within the containers, such as `polyaxon.sock`, causing the API container to exit unexpectedly. This disrupts related services and prevents the system from functioning normally, without requiring authentication or UUID parameters.

Severity ?

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-23 - Relative Path Traversal

Assigner

@huntr_ai

References

URL

Tags

https://huntr.com/bounties/ec7b7e1d-795d-4414-93d…

Impacted products

	Vendor	Product	Version
	polyaxon	polyaxon/polyaxon	Affected: unspecified , ≤ latest (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9363",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-20T17:54:01.773759Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-20T18:56:16.931Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "polyaxon/polyaxon",
          "vendor": "polyaxon",
          "versions": [
            {
              "lessThanOrEqual": "latest",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform, which can lead to denial of service by terminating critical containers. An attacker can delete important files within the containers, such as `polyaxon.sock`, causing the API container to exit unexpectedly. This disrupts related services and prevents the system from functioning normally, without requiring authentication or UUID parameters."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-23",
              "description": "CWE-23 Relative Path Traversal",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-20T10:09:20.436Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntr_ai"
      },
      "references": [
        {
          "url": "https://huntr.com/bounties/ec7b7e1d-795d-4414-93d5-9df35d2fd391"
        }
      ],
      "source": {
        "advisory": "ec7b7e1d-795d-4414-93d5-9df35d2fd391",
        "discovery": "EXTERNAL"
      },
      "title": "Unauthorized File Deletion in polyaxon/polyaxon"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntr_ai",
    "cveId": "CVE-2024-9363",
    "datePublished": "2025-03-20T10:09:20.436Z",
    "dateReserved": "2024-09-30T19:09:15.973Z",
    "dateUpdated": "2025-03-20T18:56:16.931Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2024-46010

CVE-2024-9363 (GCVE-0-2024-9363)

Tags

Sightings

Nomenclature