CVSS: 2.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32969 – vantage6 collaboration admins can extend their influence by expanding the collaboration
https://notcve.org/view.php?id=CVE-2024-32969
vantage6 is an open-source infrastructure for privacy preserving analysis. Collaboration administrators can add extra organizations to their collaboration that can extend their influence. For example, organizations that they include can then create new users for which they know the passwords, and use that to read task results of other collaborations that that organization is involved in. This is only relatively trusted users - with access to manage a collaboration - are able to do this, which reduces the impact. This vulnerability was patched in version 4.5.0rc3. vantage6 es una infraestructura de código abierto para análisis de preservación de la privacidad. • https://github.com/vantage6/vantage6/commit/27f4ee3fade5f4cbcf3e60899c9a2a91145e0b56 https://github.com/vantage6/vantage6/security/advisories/GHSA-99r4-cjp4-3hmx • CWE-284: Improper Access Control •
CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23823 – CORS settings overly permissive in vantage6
https://notcve.org/view.php?id=CVE-2024-23823
vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The impact is limited because v6 does not use session cookies. This issue has been addressed in commit `70bb4e1d8` and is expected to ship in subsequent releases. • https://github.com/vantage6/vantage6/commit/70bb4e1d889230a841eb364d6c03accd7dd01a41 https://github.com/vantage6/vantage6/security/advisories/GHSA-4946-85pr-fvxh • CWE-863: Incorrect Authorization CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24770 – Username timing attack on recover password/MFA token in vantage6
https://notcve.org/view.php?id=CVE-2024-24770
vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. Much like GHSA-45gq-q4xh-cp53, it is possible to find which usernames exist in vantage6 by calling the API routes `/recover/lost` and `/2fa/lost`. These routes send emails to users if they have lost their password or MFA token. This issue has been addressed in commit `aecfd6d0e` and is expected to ship in subsequent releases. Users are advised to upgrade as soon as a new release is available. • https://github.com/vantage6/vantage6/commit/aecfd6d0e83165a41a60ebd52d2287b0217be26b https://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53 https://github.com/vantage6/vantage6/security/advisories/GHSA-5h3x-6gwf-73jm • CWE-208: Observable Timing Discrepancy CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22193 – vantage6 unencrypted task can be created in encrypted collaboration
https://notcve.org/view.php?id=CVE-2024-22193
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a task with sensitive input data that will then be stored unencrypted in a database. Users should ensure they set the encryption setting correctly. This vulnerability is patched in 4.2.0. • https://github.com/vantage6/vantage6/commit/6383283733b81abfcacfec7538dc4dc882e98074 https://github.com/vantage6/vantage6/security/advisories/GHSA-rjmv-52mp-gjrr • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21671 – vantage6 username timing attack
https://notcve.org/view.php?id=CVE-2024-21671
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches this vulnerability. La tecnología vantage6 permite gestionar e implementar tecnologías que mejoran la privacidad, como el Federated Learning (FL) y la Multi-Party Computation (MPC). • https://github.com/vantage6/vantage6/commit/389f416c445da4f2438c72f34c3b1084485c4e30 https://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53 • CWE-203: Observable Discrepancy CWE-208: Observable Timing Discrepancy •