CVE-2024-28179
अनुवाद हो रहा है…प्लेटफ़ॉर्म
python
घटक
jupyter-server-proxy
में ठीक किया गया
4.0.1
3.2.4
4.1.1
3.2.3
CVE-2024-28179 is a critical vulnerability affecting Jupyter Server Proxy versions up to 4.1.0. This flaw allows unauthenticated users to access websocket endpoints, potentially leading to remote code execution. The vulnerability stems from inadequate user authentication checks when proxying websockets. A fix is available in version 3.2.3.
इस CVE को अपने प्रोजेक्ट में पहचानें
अपनी requirements.txt फ़ाइल अपलोड करें और तुरंत जानें कि आप प्रभावित हैं या नहीं।
प्रभाव और हमले की स्थितियाँअनुवाद हो रहा है…
The impact of CVE-2024-28179 is severe. An attacker can exploit this vulnerability to gain unauthenticated access to websocket endpoints managed by Jupyter Server Proxy. This access can be leveraged to execute arbitrary code on the server, potentially compromising the entire Jupyter notebook environment. The attacker could steal sensitive data, modify notebooks, install malware, or even gain persistent access to the system. The blast radius extends to any user or system interacting with the vulnerable Jupyter Server Proxy instance, particularly those relying on websocket communication for data exchange or real-time interactions.
शोषण संदर्भअनुवाद हो रहा है…
CVE-2024-28179 was publicly disclosed on March 20, 2024. The vulnerability has a high probability of exploitation (EPSS score likely to be high) due to its ease of exploitation and the critical nature of the potential impact. Public proof-of-concept exploits are likely to emerge quickly. This vulnerability is not currently listed on the CISA KEV catalog, but its severity warrants close monitoring.
कौन जोखिम में हैअनुवाद हो रहा है…
Organizations and individuals using Jupyter notebooks in production environments, particularly those relying on Jupyter Server Proxy for websocket communication, are at significant risk. Shared hosting environments where Jupyter notebooks are deployed could be particularly vulnerable, as attackers might exploit the vulnerability to compromise multiple users.
पहचान के चरणअनुवाद हो रहा है…
• python / jupyter:
import subprocess
result = subprocess.run(['jupyter', 'server', '--version'], capture_output=True, text=True)
if result.stdout.strip() <= '4.1.0':
print("Vulnerable version detected!")• linux / server:
ps aux | grep jupyter-server-proxy | grep -q 'websocket'
if [ $? -eq 0 ]; then
echo "Jupyter Server Proxy with websocket enabled detected - investigate further!"
fi• generic web:
curl -I http://<jupyter_server_proxy_url>/api/routes | grep -q 'websocket'
if [ $? -eq 0 ]; then
echo "Websocket endpoint detected - potential vulnerability!"
fiहमले की समयरेखा
- Disclosure
disclosure
खतरा खुफिया
एक्सप्लॉइट स्थिति
EPSS
0.35% (58% शतमक)
CISA SSVC
CVSS वेक्टर
इन मेट्रिक्स का क्या मतलब है?
- Attack Vector
- नेटवर्क — इंटरनेट के माध्यम से दूरस्थ रूप से शोषण योग्य। कोई भौतिक या स्थानीय पहुंच आवश्यक नहीं।
- Attack Complexity
- निम्न — कोई विशेष शर्त नहीं। विश्वसनीय रूप से शोषण योग्य।
- Privileges Required
- कोई नहीं — बिना प्रमाणीकरण के शोषण योग्य।
- User Interaction
- कोई नहीं — स्वचालित और मूक हमला। पीड़ित कुछ नहीं करता।
- Scope
- अपरिवर्तित — प्रभाव केवल कमज़ोर घटक तक सीमित।
- Confidentiality
- उच्च — पूर्ण गोपनीयता हानि। हमलावर सभी डेटा पढ़ सकता है।
- Integrity
- उच्च — हमलावर कोई भी डेटा लिख, बदल या हटा सकता है।
- Availability
- उच्च — पूर्ण क्रैश या संसाधन समाप्ति। पूर्ण सेवा से इनकार।
प्रभावित सॉफ्टवेयर
कमजोरी वर्गीकरण (CWE)
समयरेखा
- आरक्षित
- प्रकाशित
- संशोधित
- EPSS अद्यतन
शमन और वर्कअराउंडअनुवाद हो रहा है…
The primary mitigation for CVE-2024-28179 is to upgrade Jupyter Server Proxy to version 3.2.3 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting network access to the Jupyter Server Proxy endpoint using a firewall or intrusion prevention system. Review and strengthen authentication mechanisms for websocket endpoints. Monitor Jupyter Server Proxy logs for suspicious activity, particularly unauthorized access attempts. After upgrading, confirm the fix by attempting to access a websocket endpoint without authentication and verifying that access is denied.
कैसे ठीक करें
Jupyter Server Proxy को संस्करण 3.2.3 या उच्चतर, या संस्करण 4.1.1 या उच्चतर में अपडेट करें। यह वेबसॉकेट प्रॉक्सी में प्रमाणीकरण भेद्यता को ठीक करता है। अपडेट करने के लिए `pip install --upgrade jupyter-server-proxy` चलाएं।
CVE सुरक्षा न्यूज़लेटर
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
अक्सर पूछे जाने वाले सवालअनुवाद हो रहा है…
What is CVE-2024-28179 — Unauth Websocket Access in Jupyter Server Proxy?
CVE-2024-28179 is a critical vulnerability in Jupyter Server Proxy versions up to 4.1.0 that allows unauthenticated users to access websocket endpoints, potentially leading to remote code execution.
Am I affected by CVE-2024-28179 in Jupyter Server Proxy?
You are affected if you are using Jupyter Server Proxy versions 4.1.0 or earlier. Check your version immediately.
How do I fix CVE-2024-28179 in Jupyter Server Proxy?
Upgrade Jupyter Server Proxy to version 3.2.3 or later to resolve the vulnerability. If upgrading is not possible, implement temporary workarounds like restricting network access.
Is CVE-2024-28179 being actively exploited?
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of exploitation. Monitor your systems closely.
Where can I find the official Jupyter Server Proxy advisory for CVE-2024-28179?
Refer to the official Jupyter Server Proxy security advisory for detailed information and updates: https://github.com/jupyter/server-proxy/security/advisories/GHSA-xxxx-xxxx-xxxx
क्या आपका प्रोजेक्ट प्रभावित है?
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।