PT-2023-28983 · Unknown+1 · Label Studio+1

Alex-Elttam +1 · Published 2023-11-09 · Updated 2023-11-18 · CVE-2023-43791

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Label Studio versions prior to 1.8.2

Description

Label Studio contains a vulnerability that can be chained with an Object Relational Mapper (ORM) Leak vulnerability to impersonate any account on the platform. An attacker could exploit these vulnerabilities to escalate privileges from a low-privilege user to a Django Super Administrator user. The root cause is a hardcoded Django SECRET_KEY in the application settings, which can be used to forge session tokens for all users on Label Studio.

The estimated number of potentially affected devices worldwide is not specified. However, because the vulnerability allows impersonation of any account on the platform, the consequences could be significant.

Technical details: an attacker can exploit the ORM Leak vulnerability to retrieve the full password hash of an account, and then use the hardcoded SECRET_KEY to create a forged session token for that account.

Recommendations

For Label Studio versions prior to 1.8.2, update to version 1.8.2 or later to mitigate the likelihood of an attacker exploiting these vulnerabilities to impersonate all accounts on the platform. As a temporary workaround, consider restricting access to sensitive features and data until the update can be applied.
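
A check for the root cause described above, as an added example that is not part of the original advisory or Label Studio's code: it parses a Django settings module and flags a SECRET_KEY assigned from a string literal. It goes beyond the advisory's case by also flagging a literal fallback passed to an environment lookup; the sample settings and the DJANGO_SECRET_KEY variable name are constructed.

```python
import ast

# Constructed sample settings modules (not Label Studio's real settings).
HARDCODED = '''
import os
DEBUG = False
SECRET_KEY = "constructed-example-value-not-a-real-key"
'''
FROM_ENV = '''
import os
SECRET_KEY = os.environ["DJANGO_SECRET_KEY"]
'''
ENV_WITH_DEFAULT = '''
import os
SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY", "constructed-fallback-value")
'''


def _is_str_literal(node):
    return isinstance(node, ast.Constant) and isinstance(node.value, str)


def find_hardcoded_secret_key(source):
    """Return [(line, reason)] for SECRET_KEY assignments that embed a literal."""
    findings = []
    for stmt in ast.walk(ast.parse(source)):
        if isinstance(stmt, ast.Assign):
            targets = stmt.targets
        elif isinstance(stmt, ast.AnnAssign) and stmt.value is not None:
            targets = [stmt.target]
        else:
            continue
        if not any(isinstance(t, ast.Name) and t.id == "SECRET_KEY" for t in targets):
            continue
        value = stmt.value
        if _is_str_literal(value):
            findings.append((stmt.lineno, "literal key"))
        elif isinstance(value, ast.Call):
            # Heuristic: any literal after the first argument (or passed by
            # keyword) is treated as a default that ships with the code.
            fallbacks = list(value.args[1:]) + [k.value for k in value.keywords]
            if any(_is_str_literal(f) for f in fallbacks):
                findings.append((stmt.lineno, "literal fallback"))
    return findings


if __name__ == "__main__":
    for name in ("HARDCODED", "FROM_ENV", "ENV_WITH_DEFAULT"):
        print(name, find_hardcoded_secret_key(globals()[name]))
```

A key flagged this way should be replaced with a new value, not just moved, since the old value remains in version history.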

Exploit

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2023-43791
GHSA-F475-X83M-RX5M
PYSEC-2023-274

Affected Products

Django
Label Studio