CVE-2022-24758

The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server. Jupyter notebook version 6.4.x contains a patch for this issue. There are currently no known workarounds.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://github.com/jupyter/notebook/security/advisories/GHSA-m87f-39q9-6f55	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*

History

08 Apr 2022, 16:28

Type	Values Removed	Values Added
CPE		cpe:2.3:a:jupyter:notebook::::::::
First Time		Jupyter notebook Jupyter
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 7.5
References	~~(CONFIRM) https://github.com/jupyter/notebook/security/advisories/GHSA-m87f-39q9-6f55 -~~	(CONFIRM) https://github.com/jupyter/notebook/security/advisories/GHSA-m87f-39q9-6f55 - Third Party Advisory

31 Mar 2022, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-03-31 23:15

Updated : 2023-12-10 14:22

NVD link : CVE-2022-24758

Mitre link : CVE-2022-24758

CVE.ORG link : CVE-2022-24758

JSON object : View

Products Affected

jupyter

notebook

CWE

CWE-532

Insertion of Sensitive Information into Log File

{"id": "CVE-2022-24758", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-03-31T23:15:07.997", "references": [{"url": "https://github.com/jupyter/notebook/security/advisories/GHSA-m87f-39q9-6f55", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server. Jupyter notebook version 6.4.x contains a patch for this issue. There are currently no known workarounds."}, {"lang": "es", "value": "Jupyter notebook es un entorno de cuaderno basado en la web para la computaci\u00f3n interactiva. En versiones anteriores a 6.4.9, actores no autorizados pueden acceder a informaci\u00f3n confidencial de los registros del servidor. Cada vez que es producido un error 5xx, la cookie de autenticidad y otros valores de encabezados son registrados por defecto en los registros del servidor Jupyter. Teniendo en cuenta que estos registros no requieren acceso de root, un atacante puede monitorear estos registros, robar informaci\u00f3n confidencial de auth/cookie, y conseguir acceso al servidor Jupyter. Jupyter notebook versi\u00f3n 6.4.x, contiene un parche para este problema. Actualmente no se presentan medidas de mitigaci\u00f3n conocidas"}], "lastModified": "2022-04-08T16:28:25.320", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5D2C112-8A9C-4C77-B6E9-FE884960EA83", "versionEndExcluding": "6.4.10"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}