CRITICAL🇵🇱 Wersja polska

CVE-2023-48022

CVSS 9.8v3.1pub. 2023-11-28upd. 2025-12-17

Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment. (Also, within that environment, customers at version 2.52.0 and later can choose to use token authentication.)

🤖 AI Analysis
How it works

The attacker sends a specially crafted request to the job submission API of the Anyscale Ray platform without needing to possess any credentials. The API accepts tasks for execution and processes them in the runtime environment, which corresponds to an SSRF-class vulnerability (CWE-918) or leads to arbitrary code execution in the service context. The manufacturer maintains that Ray is intended exclusively for use in a strictly controlled network environment, however, in practice instances are often exposed externally.

Impact

An unauthenticated remote attacker can gain full control over the system running Ray, including reading and modifying data and affecting service availability.

Mitigation & patch

Access to the Ray cluster should be restricted to trusted, isolated internal networks only and the job submission API should not be exposed publicly. The manufacturer indicates that starting from version 2.52.0, token authentication is available — it should be enabled. Patches provided by the manufacturer should be applied according to the references.

Who is affected

Anyscale Ray in versions 2.6.3 and 2.8.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Anyscale Ray

    APP
    Anyscale
    2.6.32.8.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-48023CRITICAL9.1PL ✓ten sam produkt

SSRF w Anyscale Ray poprzez endpoint /log_proxy

CVE-2026-41486HIGH8.9ten sam produkt

Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow ext...

CVE-2026-32981HIGH8.7ten sam produkt

A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2....

CVE-2026-27482MEDIUM5.9ten sam produkt

Ray is an AI compute engine. In versions 2.53.0 and below, thedashboard HTTP server blocks browser-origin POST...