PT-2023-8933 · Anyscale · Anyscale Ray

Jakaba01 · Published 2023-08-28 · Updated 2025-11-19 · CVE-2023-48022

CVSS v3.1: 10.0
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Anyscale Ray versions 2.6.3 through 2.8.0
Description: The Ray Jobs API, served by the Ray dashboard, does not authenticate incoming job submission requests. Any client that can reach the dashboard port can therefore submit a job whose entrypoint runs arbitrary commands with the privileges of the Ray cluster, giving a remote, unauthenticated attacker code execution on the head node and its workers. The issue has been exploited in the wild: thousands of publicly exposed Ray servers worldwide were reported compromised over roughly seven months, with attackers hijacking compute capacity and exfiltrating data from organisations across several sectors. The number of potentially affected hosts worldwide is not stated explicitly, but major technology companies such as Uber, Amazon, and OpenAI are mentioned as affected. Note that Anyscale disputes the CVE: the vendor's position is that Ray does not authenticate these requests by design and is intended to run only inside a strictly controlled network, so the exposure is treated as a deployment error rather than a code defect.
Recommendations: For Anyscale Ray versions 2.6.3 through 2.8.0, do not expose the Ray dashboard, and with it the job submission API, to untrusted networks: bind it to a loopback or private interface, keep the port behind a firewall, and reach it only through a VPN or bastion host. Where the job submission API is not needed, disable it. Where it is needed, place an authenticating reverse proxy or equivalent access control in front of the endpoint so that only trusted clients can submit jobs; this is a workaround, not a fix, because Ray itself performs no validation or authentication of these requests. Treat any cluster whose dashboard port has been reachable from the internet as potentially compromised and review its job history and outbound traffic. At the time of writing there is no information about a newer version that contains a fix for this vulnerability.
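The following script is an added example for this advisory and is not code from the advisory or from the Ray project. It checks whether a Ray dashboard answers anonymous requests on the documented Jobs API endpoints (GET /api/version and GET /api/jobs/): a 200 on the job listing means anyone who can reach the port could also POST a job, which is exactly the exposure the recommendations above tell you to remove. The default dashboard port 8265 is Ray's documented default; the stub dashboards in the block are constructed for offline testing and do not run Ray.

```python
"""Exposure check for an unauthenticated Ray Jobs API (CVE-2023-48022).

Added example, not from the advisory or the Ray project. Assumes the documented
Ray dashboard endpoints GET /api/version and GET /api/jobs/ and the default
dashboard port 8265. The stub dashboards below are constructed for offline
testing only.
"""
import json
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

DEFAULT_DASHBOARD_PORT = 8265  # Ray's documented default dashboard port


def probe_jobs_api(base_url, timeout=5.0):
    """Query a Ray dashboard with no credentials and report what it allows.

    'exposed' is True when GET /api/jobs/ returns 200 to an anonymous request.
    A 401/403 is recorded in 'auth_codes' as evidence that something in front
    of the dashboard (a reverse proxy, for example) is enforcing authentication.
    """
    result = {"base_url": base_url, "ray_version": None, "jobs_listable": False,
              "auth_codes": [], "errors": [], "exposed": False}
    for path in ("/api/version", "/api/jobs/"):
        req = urllib.request.Request(base_url.rstrip("/") + path,
                                     headers={"Accept": "application/json"})
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                body = resp.read()
        except urllib.error.HTTPError as exc:
            if exc.code in (401, 403):
                result["auth_codes"].append(exc.code)
            else:
                result["errors"].append("%s -> HTTP %d" % (path, exc.code))
            continue
        except (urllib.error.URLError, OSError) as exc:
            result["errors"].append("%s -> %s" % (path, exc))
            continue
        if path == "/api/version":
            try:
                result["ray_version"] = json.loads(body).get("ray_version")
            except (ValueError, AttributeError):
                pass  # unexpected body; keep going, the jobs probe decides
        else:
            result["jobs_listable"] = True
    result["exposed"] = result["jobs_listable"]
    return result


class _StubDashboard(BaseHTTPRequestHandler):
    """Constructed stand-in for a Ray dashboard (not Ray itself).

    require_auth=False behaves like a stock dashboard: anonymous GETs get 200.
    require_auth=True models a reverse proxy demanding an Authorization header.
    """
    require_auth = False

    def do_GET(self):
        if self.require_auth and not self.headers.get("Authorization"):
            self.send_response(401)
            self.end_headers()
            return
        if self.path == "/api/version":
            payload = {"version": "1", "ray_version": "2.8.0"}
        elif self.path == "/api/jobs/":
            payload = {"raysubmit_abc123": {"status": "RUNNING",
                                            "entrypoint": "python train.py"}}
        else:
            self.send_response(404)
            self.end_headers()
            return
        data = json.dumps(payload).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args):
        pass  # keep the stub quiet


def probe_stub(require_auth):
    """Start a stub dashboard on a free loopback port, probe it, tear it down."""
    handler = type("Stub", (_StubDashboard,), {"require_auth": require_auth})
    server = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return probe_jobs_api("http://127.0.0.1:%d" % server.server_address[1])
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else \
        "http://127.0.0.1:%d" % DEFAULT_DASHBOARD_PORT
    print(json.dumps(probe_jobs_api(target), indent=2))
```

Run it against each head node's dashboard URL from a host outside the cluster's trusted network; an "exposed": true result means the job submission API is reachable without credentials and the host should be isolated and triaged. A result with 401 or 403 in auth_codes only shows that a proxy is answering, not that the dashboard behind it is bound to a private interface, so confirm the bind address separately (Ray's documented `ray start --dashboard-host` option controls it).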

Exploit

RCE

DoS

SSRF

Missing Authorization

Weakness Enumeration

Related Identifiers

BDU:2024-02669
CVE-2023-48022
GHSA-6WGJ-66M2-XXP2

Affected Products

Anyscale Ray