CVE-2024-6960 HIGH

CVE-2024-6960: H2O deserializes ML models without filtering, potentially allowing execution of malicious code

Weakness CWE-502 · Unsafe deserialization

Published July 21, 2024

Last update November 25, 2024

View on NVD All CVEs

CVSS base score

7.5/10

Attack vector Network

Attack complexity High

Privileges required None

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

The H2O machine learning platform uses "Iced" classes as the primary means of moving Java Objects around the cluster. The Iced format supports inclusion of serialized Java objects. When a model is deserialized, any class is allowed to be deserialized (no class whitelist). An attacker can construct a crafted Iced model that uses Java gadgets and leads to arbitrary code execution when imported to the H2O platform.

Key dates

02Disclosure timeline

July 21, 2024 CVE published

November 25, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-6960 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/502.html

Related vulnerabilities

CVE-2024-6960: H2O deserializes ML models without filtering, potentially allowing execution of malicious code

01Description

02Disclosure timeline

03References

04Related CVE