CVSS: 2.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32969 – vantage6 collaboration admins can extend their influence by expanding the collaboration
https://notcve.org/view.php?id=CVE-2024-32969
vantage6 is an open-source infrastructure for privacy preserving analysis. Collaboration administrators can add extra organizations to their collaboration that can extend their influence. For example, organizations that they include can then create new users for which they know the passwords, and use that to read task results of other collaborations that that organization is involved in. This is only relatively trusted users - with access to manage a collaboration - are able to do this, which reduces the impact. This vulnerability was patched in version 4.5.0rc3. vantage6 es una infraestructura de código abierto para análisis de preservación de la privacidad. • https://github.com/vantage6/vantage6/commit/27f4ee3fade5f4cbcf3e60899c9a2a91145e0b56 https://github.com/vantage6/vantage6/security/advisories/GHSA-99r4-cjp4-3hmx • CWE-284: Improper Access Control •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24562 – Security headers not set in vantage6-UI
https://notcve.org/view.php?id=CVE-2024-24562
vantage6-UI is the official user interface for the vantage6 server. In affected versions a number of security headers are not set. This issue has been addressed in commit `68dfa6614` which is expected to be included in future releases. Users are advised to upgrade when a new release is made. While an upgrade path is not available users may modify the docker image build to insert the headers into nginx. vantage6-UI es la interfaz de usuario oficial para el servidor vantage6. • https://github.com/vantage6/vantage6-UI/commit/68dfa661415182da0e5717bd58db3d00aedcbd2e https://github.com/vantage6/vantage6-UI/security/advisories/GHSA-gwq3-pvwq-4c9w • CWE-668: Exposure of Resource to Wrong Sphere CWE-693: Protection Mechanism Failure •
CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23823 – CORS settings overly permissive in vantage6
https://notcve.org/view.php?id=CVE-2024-23823
vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The impact is limited because v6 does not use session cookies. This issue has been addressed in commit `70bb4e1d8` and is expected to ship in subsequent releases. • https://github.com/vantage6/vantage6/commit/70bb4e1d889230a841eb364d6c03accd7dd01a41 https://github.com/vantage6/vantage6/security/advisories/GHSA-4946-85pr-fvxh • CWE-863: Incorrect Authorization CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24770 – Username timing attack on recover password/MFA token in vantage6
https://notcve.org/view.php?id=CVE-2024-24770
vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. Much like GHSA-45gq-q4xh-cp53, it is possible to find which usernames exist in vantage6 by calling the API routes `/recover/lost` and `/2fa/lost`. These routes send emails to users if they have lost their password or MFA token. This issue has been addressed in commit `aecfd6d0e` and is expected to ship in subsequent releases. Users are advised to upgrade as soon as a new release is available. • https://github.com/vantage6/vantage6/commit/aecfd6d0e83165a41a60ebd52d2287b0217be26b https://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53 https://github.com/vantage6/vantage6/security/advisories/GHSA-5h3x-6gwf-73jm • CWE-208: Observable Timing Discrepancy CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22200 – vantage6-UI docker image leaks software version information
https://notcve.org/view.php?id=CVE-2024-22200
vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0. vantage6-UI es la interfaz de usuario de vantage6. La imagen de la ventana acoplable utilizada para ejecutar la interfaz de usuario filtra la versión de nginx. • https://github.com/vantage6/vantage6-UI/commit/92e0fb5102b544d5bcc23980d973573733e2e020 https://github.com/vantage6/vantage6-UI/security/advisories/GHSA-8wxq-346h-xmr8 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •