GHSA-j3vq-pmp5-r5xj: Missing ratelimit on passwrod resets in zenml

Skip to content

Navigation Menu

• • GitHub Copilot

    Write better code with AI

  • Security

    Find and fix vulnerabilities

  • Actions

    Automate any workflow

  • Codespaces

    Instant dev environments

  • Issues

    Plan and track work

  • Code Review

    Manage code changes

  • Discussions

    Collaborate outside of code

  • Code Search

    Find more, search less

• Explore

  • Learning Pathways
  • White papers, Ebooks, Webinars
  • Customer Stories
  • Partners

• • GitHub Sponsors

    Fund open source developers

*   The ReadME Project
    
    GitHub community articles

• • Enterprise platform

    AI-powered developer platform

• Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

1. GitHub Advisory Database
2. GitHub Reviewed
3. CVE-2024-4311

Missing ratelimit on passwrod resets in zenml

Moderate severity GitHub Reviewed Published Nov 14, 2024 to the GitHub Advisory Database • Updated Nov 14, 2024

Affected versions

< 0.57.0rc2

Patched versions

0.57.0rc2

Description

zenml-io/zenml version 0.56.4 is vulnerable to an account takeover due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the ‘Update Password’ function, allowing them to take over the user’s account. This vulnerability is due to the absence of rate-limiting on the ‘/api/v1/current-user’ endpoint, which does not restrict the number of attempts an attacker can make to guess the current password. Successful exploitation results in the attacker being able to change the password and take control of the account.

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-4311
• zenml-io/zenml@87a6c2c
• https://huntr.com/bounties/d5517e1a-6b94-4e38-aad6-3aa65f98bec2

Published to the GitHub Advisory Database

Nov 14, 2024

Last updated

Nov 14, 2024