CVE-2024-27320

An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user creates a classification task using a maliciously crafted CSV file containing Python code, the code will be passed to an eval function which executes it.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel/	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:refuel:autolabel:*:*:*:*:*:*:*:*

History

23 Sep 2024, 13:56

Type	Values Removed	Values Added
CPE		cpe:2.3:a:refuel:autolabel::::::::
CWE		CWE-1236
First Time		Refuel autolabel Refuel
References	~~() https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel/ -~~	() https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel/ - Third Party Advisory

12 Sep 2024, 18:14

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-12 13:15

Updated : 2024-09-23 13:56

NVD link : CVE-2024-27320

Mitre link : CVE-2024-27320

CVE.ORG link : CVE-2024-27320

JSON object : View

Products Affected

refuel

autolabel

CWE

CWE-1236

Improper Neutralization of Formula Elements in a CSV File

CWE-95

Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

{"id": "CVE-2024-27320", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-09-12T13:15:11.987", "references": [{"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel/", "tags": ["Third Party Advisory"], "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-1236"}]}, {"type": "Secondary", "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "description": [{"lang": "en", "value": "CWE-95"}]}], "descriptions": [{"lang": "en", "value": "An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user creates a classification task using a maliciously crafted CSV file containing Python code, the code will be passed to an eval function which executes it."}, {"lang": "es", "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitrario en las versiones 0.0.8 y posteriores de la librer\u00eda Refuel Autolabel debido a la forma en que sus tareas de clasificaci\u00f3n manejan los archivos CSV proporcionados. Si un usuario v\u00edctima crea una tarea de clasificaci\u00f3n utilizando un archivo CSV manipulado con fines malintencionados que contiene c\u00f3digo Python, el c\u00f3digo se pasar\u00e1 a una funci\u00f3n eval que lo ejecutar\u00e1."}], "lastModified": "2024-09-23T13:56:48.353", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:refuel:autolabel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34DA97A8-DFF9-46D6-9821-12DE59309BA7", "versionStartIncluding": "0.0.8"}], "operator": "OR"}]}], "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"}