CVE-2022-24757 Information

Description

The Jupyter Server provides the backend (i.e. the core services, APIs and REST endpoints) for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Any time a 5xx error is triggered, the auth cookie and other request header values are recorded in the Jupyter Server logs by default. Because these logs do not require root access to read, a local attacker can monitor them, steal the auth cookie or token, and gain access to the Jupyter server. Jupyter Server version 1.15.4 contains a patch for this issue. There are currently no known workarounds.
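The logging pattern the description refers to, shown as an added example rather than Jupyter Server's own code: a request logger that dumps every request header into the log line whenever a 5xx occurs, beside a hardened variant that redacts credential-bearing headers, plus a small audit check that flags log lines carrying unredacted values. The header list, the sample request and the function names are assumptions constructed for this illustration.

```python
"""Added example for CVE-2022-24757 (not Jupyter Server's own code).

Models a request logger that serialises all request headers on a 5xx
response, then a version that redacts session-bearing headers first.
All header names, values and function names below are constructed for
the demo; adapt SENSITIVE_HEADERS to your own stack.
"""
import json
import re

# Headers that carry credentials or session state and must never be logged.
# Assumed list for this example; extend it for proxies, API gateways, etc.
SENSITIVE_HEADERS = frozenset(
    h.lower()
    for h in ("Cookie", "Set-Cookie", "Authorization", "Proxy-Authorization", "X-XSRFToken")
)

# Constructed sample request headers resembling a browser session against a
# local notebook server. Values are placeholders, not real tokens.
SAMPLE_HEADERS = {
    "Host": "localhost:8888",
    "Cookie": "_xsrf=2|f1e2d3c4|0123abcd; username-localhost-8888=2|1:0|10:1647000000|3:tok",
    "Authorization": "token 0123456789abcdef0123456789abcdef",
    "X-XSRFToken": "2|f1e2d3c4|0123abcd",
    "User-Agent": "Mozilla/5.0",
}


def log_request_unsafe(status: int, headers: dict) -> str:
    """Vulnerable pattern: on any 5xx, write the full header map to the log."""
    line = f"{status} request failed"
    if status >= 500:
        # The leak: Cookie, Authorization and the XSRF token land in the log verbatim,
        # readable by anyone who can read the log file.
        line += " headers=" + json.dumps(dict(headers), sort_keys=True)
    return line


def redact_headers(headers: dict) -> dict:
    """Return a copy of the header map with sensitive values masked."""
    return {
        name: ("<redacted>" if name.lower() in SENSITIVE_HEADERS else value)
        for name, value in headers.items()
    }


def log_request_safe(status: int, headers: dict) -> str:
    """Hardened pattern: keep the diagnostic value of the headers, drop the secrets."""
    line = f"{status} request failed"
    if status >= 500:
        line += " headers=" + json.dumps(redact_headers(headers), sort_keys=True)
    return line


# Matches "Name": "value" pairs as emitted by json.dumps. Sample values above
# contain no double quotes, so the simple character class is sufficient here.
_PAIR_RE = re.compile(r'"([^"]+)":\s*"([^"]*)"')


def leaks_credentials(log_line: str) -> list:
    """Audit check: names of sensitive headers whose value appears unredacted.

    Useful for scanning existing logs to see whether a pre-1.15.4 server
    has already written session material to disk.
    """
    leaked = []
    for match in _PAIR_RE.finditer(log_line):
        name, value = match.group(1), match.group(2)
        if name.lower() in SENSITIVE_HEADERS and value != "<redacted>":
            leaked.append(name)
    return leaked


if __name__ == "__main__":
    for logger in (log_request_unsafe, log_request_safe):
        line = logger(500, SAMPLE_HEADERS)
        print(logger.__name__, "->", line)
        print("  leaked:", leaks_credentials(line))
```

The audit helper is deliberately keyed on the JSON shape the unsafe logger produces; if your server writes headers in another format, adjust the regular expression rather than the header list, and treat any hit as a reason to rotate the affected tokens, since log retention and backups mean the value has likely been copied elsewhere.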

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-p737-p57g-4cpr
https://github.com/jupyter-server/jupyter_server/commit/a5683aca0b0e412672ac6218d09f74d44ca0de5a

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

Base Score

7.5

Base Severity

HIGH
