PT-2022-28163 · Apache · Maven Enforcer Plugin

Juliuskreutz · Published 2022-02-09 · Updated 2025-11-28 · CVE-2024-23682

CVSS v3.1: 8.2 (High)

Vector: AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Artemis Java Test Sandbox versions prior to 1.8.0

Description

The issue allows an attacker to escape the sandbox by including class files in a package that Ares trusts, enabling the execution of arbitrary Java code when a victim runs the supposedly sandboxed code. This affects all Artemis users who test Java assignments, potentially allowing students' code to run arbitrary code in the container or on the machine of an assessor during manual correction.

Recommendations

For Artemis Java Test Sandbox versions prior to 1.8.0, use the Maven Enforcer Plugin to fail the build if student classes reside in packages that Ares trusts. Configure the plugin as follows:

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-enforcer-plugin</artifactId>
  <version>3.0.0</version>
  <executions>
    <execution>
      <id>enforce-no-student-code-in-trusted-packages</id>
      <phase>process-classes</phase>
      <goals>
        <goal>enforce</goal>
      </goals>
    </execution>
  </executions>
  <configuration>
    <rules>
      <requireFilesDontExist>
        <files>
          <!-- ADD HERE THE RULES ARES TELLS YOU ARE MISSING -->
        </files>
      </requireFilesDontExist>
    </rules>
  </configuration>
</plugin>
Add trusted packages specified by Ares using @AddTrustedPackage to the configuration.
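
The same check can be run outside Maven, for example by an assessor before opening a submission for manual correction. The script below is an added example, not part of the advisory or of Ares: it walks a compiled output directory and reports class files whose package is trusted. The package names in `TRUSTED_PACKAGES` and the sample tree are constructed, and the script assumes trusted packages are plain dotted names that also cover their subpackages.

```python
import os
import tempfile

# Hypothetical trusted packages (constructed for this example); use the ones
# Ares reports for your exercise, including any added via @AddTrustedPackage.
TRUSTED_PACKAGES = ["com.example.trusted", "org.example.helper"]


def package_of(class_file, classes_dir):
    """Derive the Java package from a .class file's path below classes_dir."""
    rel_dir = os.path.dirname(os.path.relpath(class_file, classes_dir))
    return ".".join(p for p in rel_dir.split(os.sep) if p)


def is_trusted(package, trusted=TRUSTED_PACKAGES):
    """True if package equals a trusted package or is one of its subpackages."""
    # Match on a package boundary so com.example.trustedx is not flagged.
    return any(package == t or package.startswith(t + ".") for t in trusted)


def find_violations(classes_dir, trusted=TRUSTED_PACKAGES):
    """Return sorted relative paths of class files located in trusted packages."""
    hits = []
    for root, _dirs, files in os.walk(classes_dir):
        for name in files:
            path = os.path.join(root, name)
            if name.endswith(".class") and is_trusted(package_of(path, classes_dir), trusted):
                hits.append(os.path.relpath(path, classes_dir).replace(os.sep, "/"))
    return sorted(hits)


def build_sample_tree(base):
    """Create a constructed output tree with empty placeholder .class files."""
    for rel in ["student/Main.class",
                "com/example/trusted/Injected.class",
                "com/example/trusted/sub/Injected2.class",
                "com/example/trustedx/Fine.class"]:
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "wb").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        found = find_violations(tmp)
        for hit in found:
            print("class file in trusted package:", hit)
        raise SystemExit(1 if found else 0)
```

A non-zero exit status means at least one class file sits in a trusted package and the submission should not be run.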

Related Identifiers

CVE-2024-23682
GHSA-227W-WV4J-67H4
GHSA-HJ55-9JMV-9JRJ

Affected Products

Maven Enforcer Plugin