CVE-2023-43791

{"id": "CVE-2023-43791", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-11-09T15:15:08.743", "references": [{"url": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/HumanSignal/label-studio/pull/4690", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/HumanSignal/label-studio/pull/4690", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges from a low privilege user to a Django Super Administrator user. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced."}, {"lang": "es", "value": "Label Studio es una herramienta de anotaci\u00f3n y etiquetado de datos de varios tipos con formato de salida estandarizado. Existe una vulnerabilidad que se puede encadenar dentro de la vulnerabilidad ORM Leak para hacerse pasar por cualquier cuenta en Label Studio. Un atacante podr\u00eda aprovechar estas vulnerabilidades para escalar sus privilegios de un usuario con permisos bajos a un usuario s\u00faper administrador de Django. Se descubri\u00f3 que la vulnerabilidad afectaba a versiones anteriores a la \"1.8.2\", donde se introdujo un parche."}], "lastModified": "2024-11-21T08:24:47.447", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:humansignal:label_studio:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACEFE38F-DAA5-4450-9527-0669A8790ADC", "versionEndExcluding": "1.8.2"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}