Lablup BackendAI Missing Authorization Vulnerability Allowing Session Takeover
Vulnerability
A vulnerability in Lablup's BackendAI exists in all current versions, allowing attackers to take over active sessions. This session takeover enables access to, theft of, or alteration of any data available in the session. The vulnerability arises from missing authorization, which could lead to unauthorized access and manipulation of user data.
Impact
Exploitation of this vulnerability allows for unauthorized access to user sessions, with the potential to steal, alter, or misuse any data accessible within those sessions. In some cases, this could grant super administrator privileges.
Reproduction
The vulnerability can be reproduced by initiating an interactive session with BackendAI. Once the session is active, the file '/home/config/environ.txt' can be accessed, which contains sensitive information such as the user's email, access key, and session settings. This information can be used to perform actions on behalf of the user, potentially elevating privileges to super administrator.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.