CVE-2023-48022

Published: 28/11/2023 Updated: 17/05/2024
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

Anyscale Ray 2.6.3 and 2.8.0 allows a remote malicious user to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment

Vulnerable Products

anyscale ray 2.8.0

anyscale ray 2.6.3

Vendor Advisories

Check Point Reference: CPAI-2023-1457 Date Published: 25 Jan 2024 Severity: Critical ...

Github Repositories

CVE-2023-48022 exploit modified from Bishop Fox work

How to use set ip and port in jobspy set payload in maliciouspy $ pip install ray $ python3 jobspy

Recent Articles

Hackers exploit Ray framework flaw to breach servers, hijack resources
BleepingComputer • Bill Toulas • 26 Mar 2024

A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies. According to a report by application security firm Oligo, these attacks have been underway since at least September 5, 2023, targeting education, cryptocurrency, biopharma, and other secto...

'Thousands' of businesses at mercy of miscreants thanks to unpatched Ray AI flaw
The Register

Anyscale claims issue is 'long-standing design decision' – as users are raided by intruders

Thousands of companies remain vulnerable to a remote-code-execution bug in Ray, an open-source AI framework used by Amazon, OpenAI, and others, that is being abused by miscreants in the wild to steal sensitive data and illicitly mine for cryptocurrency. This is according to Oligo Security, which dubbed the unpatched vulnerability ShadowRay. The oversight is tracked as CVE-2023-48022, with a critical 9.8 out of 10 CVSS severity rating. On Tuesday the security shop's Avi Lumelsky, Guy Kaplan,...