PT-2024-13408 · Unknown · Label Studio

Alex-Elttam +1 · Published 2024-01-31 · Updated 2024-02-09 · CVE-2023-47116

CVSS v3.1: 5.3 Medium
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions
Label Studio versions prior to 1.11.0

Description
The issue affects Label Studio's SSRF protections, which can be bypassed to access internal web servers. The current SSRF validation performs a single DNS lookup to verify that the IP address is not in an excluded subnet range. This protection can be bypassed either by using HTTP redirection or by performing a DNS rebinding attack. The vulnerability poses a significant risk in cloud environments, as it can be used to access internal web servers and partially compromise the confidentiality of those internal servers.

Recommendations
For versions prior to 1.11.0, update to version 1.11.0 or later to resolve the issue. As a temporary workaround, consider validating the destination IP address before sending the request to ensure it is not in the deny list. Restrict access to internal cloud API IP ranges to minimize the risk of compromising cloud credentials.
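
Added example (not Label Studio's code or its patch): a sketch of the workaround above that validates the resolved address on every redirect hop and hands the already-validated IP to the transport, so no second DNS lookup happens between check and connect. The names resolve, send, pin_destination and fetch_checked are hypothetical, and the deny list is assumed to be "anything not globally routable".

```python
import ipaddress
from urllib.parse import urlsplit, urljoin

class BlockedDestination(Exception):
    pass

def is_denied(ip_text):
    # Deny list assumed here: every address that is not globally routable.
    ip = ipaddress.ip_address(ip_text)
    if ip.version == 6 and ip.ipv4_mapped:   # ::ffff:10.0.0.1 -> 10.0.0.1
        ip = ip.ipv4_mapped
    return not ip.is_global

def pin_destination(url, resolve):
    """Resolve once, reject if any answer is denied, return the IP to use."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise BlockedDestination(f"unsupported URL: {url}")
    addrs = resolve(parts.hostname)
    if not addrs or any(is_denied(a) for a in addrs):
        raise BlockedDestination(f"{parts.hostname} resolves to {addrs}")
    return addrs[0]

def fetch_checked(url, resolve, send, max_hops=5):
    """send(url, ip) is a hypothetical transport: it must connect to `ip`
    (keeping the Host header/SNI of `url`), must not resolve the name again,
    must not follow redirects, and returns (status, location_or_None)."""
    for _ in range(max_hops):
        ip = pin_destination(url, resolve)      # validated on every hop
        status, location = send(url, ip)
        if status in (301, 302, 303, 307, 308) and location:
            url = urljoin(url, location)        # next hop is checked again
            continue
        return status, url, ip
    raise BlockedDestination("too many redirects")

if __name__ == "__main__":
    # Constructed doubles: a public answer for one name, and a server that
    # redirects to an internal address.
    table = {"files.example": ["8.8.8.8"], "10.0.0.5": ["10.0.0.5"]}
    redirecting = lambda url, ip: (302, "http://10.0.0.5/") if "files" in url else (200, None)
    try:
        fetch_checked("http://files.example/a.png", table.get, redirecting)
    except BlockedDestination as exc:
        print("blocked:", exc)
```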

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2023-47116
GHSA-P59W-9GQW-WJ8R
PYSEC-2024-127

Affected Products

Label Studio