Platform: kubernetes
Component: polyaxon/polyaxon
CVE-2024-9363 describes a critical file deletion vulnerability within the Polyaxon platform, a machine learning orchestration tool. This flaw allows unauthorized attackers to delete essential files within running containers, leading to denial of service. The vulnerability affects all versions of Polyaxon up to the latest release and does not require authentication to exploit.
The primary impact of CVE-2024-9363 is denial of service. By deleting files such as polyaxon.sock, an attacker can force the API container to exit unexpectedly. This disruption cascades, impacting related services and rendering the Polyaxon platform unusable. The lack of an authentication requirement significantly broadens the attack surface, making it easier for malicious actors to exploit this vulnerability. The blast radius extends to any service dependent on the Polyaxon platform, potentially impacting machine learning workflows and data pipelines. This vulnerability resembles other container-level vulnerabilities in which file system access is abused to disrupt service operation.
CVE-2024-9363 was publicly disclosed on 2025-03-20. The vulnerability's ease of exploitation and lack of an authentication requirement suggest a medium probability of exploitation (EPSS score likely medium). No public proof-of-concept (PoC) code has been released as of this writing, but the vulnerability's simplicity makes it likely that one will emerge. Monitor security advisories and threat intelligence feeds for updates.
Organizations heavily reliant on Polyaxon for machine learning orchestration and deployment are at significant risk. Specifically, deployments with overly permissive Kubernetes RBAC configurations or those lacking robust container security practices are particularly vulnerable. Shared Kubernetes clusters hosting multiple Polyaxon instances should be prioritized for patching.
• kubernetes / container: list the containers running in the Polyaxon pods:
  kubectl get pods -n <namespace> -l app=polyaxon -o jsonpath='{.items[*].status.containerStatuses[*].name}'
• kubernetes / container: confirm the Polyaxon processes are still running inside the API pod:
  kubectl exec -it <pod-name> -n <namespace> -- ps -ef | grep polyaxon
• kubernetes / container: Monitor Kubernetes audit logs for unusual file deletion events within Polyaxon containers.
• kubernetes / container: Implement a container security policy that restricts file system access for Polyaxon containers.
Disclosure
Exploit status
EPSS: 0.49% (66th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-9363 is to upgrade to a patched version of Polyaxon as soon as it becomes available. Until a patch is deployed, consider implementing stricter Kubernetes Role-Based Access Control (RBAC) policies to limit file system access within containers. Implement network policies to restrict access to the Polyaxon API container. Monitor container logs for suspicious file deletion activity. While a direct workaround is unavailable, enhanced security practices can reduce the attack surface. After upgrading, verify the integrity of the Polyaxon deployment by confirming that critical files are present and accessible within the containers.
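The detection steps above stop at listing containers and processes, and the mitigation section asks you to confirm critical files are present after upgrading. The following added example (not Polyaxon's own tooling) parses the JSON from `kubectl get pods -n <namespace> -l app=polyaxon -o json` to flag Polyaxon containers that have restarted or terminated abnormally, the symptom this advisory describes, and builds `kubectl exec` probes that check critical files still exist. The socket path and the sample pod output are assumptions constructed for the example.

```python
import json
import subprocess

# Assumed location of the API socket; adjust to match your deployment.
CRITICAL_FILES = ["/tmp/polyaxon.sock"]  # hypothetical path


def unhealthy_containers(pods_json: str, restart_threshold: int = 1):
    """Return (pod, container, restarts, reason) for every container that has
    restarted at least `restart_threshold` times or whose last state is a
    termination. An API container exiting after its socket is deleted shows
    up here as a rising restartCount with a terminated lastState."""
    findings = []
    for pod in json.loads(pods_json).get("items", []):
        pod_name = pod["metadata"]["name"]
        for cs in pod.get("status", {}).get("containerStatuses", []):
            term = cs.get("lastState", {}).get("terminated")
            restarts = cs.get("restartCount", 0)
            if restarts >= restart_threshold or term:
                reason = term.get("reason", "unknown") if term else "none"
                findings.append((pod_name, cs["name"], restarts, reason))
    return findings


def _exit_code(cmd):
    """Default runner: execute the kubectl command and return its exit status."""
    return subprocess.run(cmd, capture_output=True).returncode


def missing_critical_files(pod, namespace, runner=_exit_code, paths=CRITICAL_FILES):
    """Run `test -e <path>` inside the pod for each critical path and return
    the paths that are absent. `runner` is injectable so the logic can be
    exercised without a cluster."""
    missing = []
    for path in paths:
        cmd = ["kubectl", "exec", pod, "-n", namespace, "--", "test", "-e", path]
        if runner(cmd) != 0:
            missing.append(path)
    return missing


# Constructed sample of `kubectl get pods -o json` output (not real cluster data).
SAMPLE_PODS = json.dumps({"items": [
    {"metadata": {"name": "polyaxon-api-7d9f"},
     "status": {"containerStatuses": [
        {"name": "polyaxon-api", "restartCount": 3,
         "lastState": {"terminated": {"reason": "Error", "exitCode": 1}}}]}},
    {"metadata": {"name": "polyaxon-streams-1a2b"},
     "status": {"containerStatuses": [
        {"name": "polyaxon-streams", "restartCount": 0, "lastState": {}}]}},
]})

if __name__ == "__main__":
    for pod, ctr, restarts, reason in unhealthy_containers(SAMPLE_PODS):
        print(f"{pod}/{ctr}: {restarts} restart(s), last termination: {reason}")
```

Run it against a live cluster by replacing `SAMPLE_PODS` with the output of `kubectl get pods -n <namespace> -l app=polyaxon -o json` and calling `missing_critical_files(<pod-name>, <namespace>)` with the real socket path.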
Upgrade Polyaxon to the latest available version. This should include the fix for the unauthorized file deletion vulnerability. Consult the release notes for more details on the update.
CVE-2024-9363 is a HIGH severity vulnerability in Polyaxon allowing unauthorized file deletion within containers, leading to denial of service. It affects all versions up to the latest.
If you are using Polyaxon up to the latest version and have not upgraded, you are potentially affected. Assess your Kubernetes RBAC policies and container security practices.
Upgrade to a patched version of Polyaxon as soon as it becomes available. Until then, implement stricter RBAC and network policies.
While no public exploits are currently known, the vulnerability's simplicity suggests a potential for exploitation. Monitor security advisories.
Refer to the official Polyaxon security advisories and release notes on their website or GitHub repository for updates and patch information.