CVE-2023-48023
AI Vulnerability ContextAnyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment
Overview
A source-backed snapshot of this vulnerability.
CISA KEVnoWhether CISA lists this as exploited.
Techniques0AI attack methods connected to this vulnerability.
Case studies1Examples where this vulnerability is mentioned.
Vulnerability status
How serious this vulnerability is and whether it is known to be exploited.
not in CISA KEVCRITICAL
- CVE ID
- CVE-2023-48023
- CVSS v3
- 9.1
Exploit context
What the vulnerability is about.
No description available. The source record only contains identifiers and metadata.
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
NVD CVE pagehttps://nvd.nist.gov/vuln/detail/CVE-2023-48023CVE API docshttps://nvd.nist.gov/developers/vulnerabilitiesData feedshttps://nvd.nist.gov/vuln/data-feedsaf854a3a-2127-422b-91ae-364da2661108https://bishopfox.com/blog/ray-versions-2-6-3-2-8-0af854a3a-2127-422b-91ae-364da2661108https://docs.ray.io/en/latest/ray-security/index.html
