{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-43791", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-09-22T14:51:42.339Z", "datePublished": "2023-11-09T14:42:40.750Z", "dateUpdated": "2024-09-03T18:46:40.834Z"}, "containers": {"cna": {"title": "Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m"}, {"name": "https://github.com/HumanSignal/label-studio/pull/4690", "tags": ["x_refsource_MISC"], "url": "https://github.com/HumanSignal/label-studio/pull/4690"}, {"name": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b", "tags": ["x_refsource_MISC"], "url": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b"}, {"name": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2"}], "affected": [{"vendor": "HumanSignal", "product": "label-studio", "versions": [{"version": "<= 1.8.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-11-09T14:42:40.750Z"}, "descriptions": [{"lang": "en", "value": "Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges from a low privilege user to a Django Super Administrator user. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced."}], "source": {"advisory": "GHSA-f475-x83m-rx5m", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:52:11.411Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m"}, {"name": "https://github.com/HumanSignal/label-studio/pull/4690", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/pull/4690"}, {"name": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b"}, {"name": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-03T18:43:34.308098Z", "id": "CVE-2023-43791", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T18:46:40.834Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m", "name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/HumanSignal/label-studio/pull/4690", "name": "https://github.com/HumanSignal/label-studio/pull/4690", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b", "name": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2", "name": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:52:11.411Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-43791", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-03T18:43:34.308098Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T18:44:37.496Z"}}], "cna": {"title": "Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens", "source": {"advisory": "GHSA-f475-x83m-rx5m", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "HumanSignal", "product": "label-studio", "versions": [{"status": "affected", "version": "<= 1.8.1"}]}], "references": [{"url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m", "name": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/HumanSignal/label-studio/pull/4690", "name": "https://github.com/HumanSignal/label-studio/pull/4690", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b", "name": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2", "name": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges from a low privilege user to a Django Super Administrator user. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-11-09T14:42:40.750Z"}}}, "cveMetadata": {"cveId": "CVE-2023-43791", "state": "PUBLISHED", "dateUpdated": "2024-09-03T18:46:40.834Z", "dateReserved": "2023-09-22T14:51:42.339Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-11-09T14:42:40.750Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:humansignal:label_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACEFE38F-DAA5-4450-9527-0669A8790ADC", "versionEndExcluding": "1.8.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Label Studio is a multi-type data labeling and annotation tool with standardized output format. There is a vulnerability that can be chained within the ORM Leak vulnerability to impersonate any account on Label Studio. An attacker could exploit these vulnerabilities to escalate their privileges from a low privilege user to a Django Super Administrator user. The vulnerability was found to affect versions before `1.8.2`, where a patch was introduced."}, {"lang": "es", "value": "Label Studio es una herramienta de anotaci\u00f3n y etiquetado de datos de varios tipos con formato de salida estandarizado. Existe una vulnerabilidad que se puede encadenar dentro de la vulnerabilidad ORM Leak para hacerse pasar por cualquier cuenta en Label Studio. Un atacante podr\u00eda aprovechar estas vulnerabilidades para escalar sus privilegios de un usuario con permisos bajos a un usuario s\u00faper administrador de Django. Se descubri\u00f3 que la vulnerabilidad afectaba a versiones anteriores a la \"1.8.2\", donde se introdujo un parche."}], "id": "CVE-2023-43791", "lastModified": "2024-11-21T08:24:47.447", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-09T15:15:08.743", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/HumanSignal/label-studio/pull/4690"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/HumanSignal/label-studio/commit/3d06c5131c15600621e08b06f07d976887cde81b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/HumanSignal/label-studio/pull/4690"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/HumanSignal/label-studio/releases/tag/1.8.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-f475-x83m-rx5m"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{}