CVE-2014-3429 : IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of web

IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.

Published 2014-08-07 11:13:35

Updated 2018-10-30 16:27:36

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2014-3429

Opensuse » Opensuse » Version: 13.2
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 13.1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Matching versions
Ipython » Ipython Notebook » Version: 1.1.0
cpe:2.3:a:ipython:ipython_notebook:1.1.0:*:*:*:*:*:*:*
Matching versions
Ipython » Ipython Notebook » Version: 0.12
cpe:2.3:a:ipython:ipython_notebook:0.12:*:*:*:*:*:*:*
Matching versions
Ipython » Ipython Notebook » Version: 0.12.1
cpe:2.3:a:ipython:ipython_notebook:0.12.1:*:*:*:*:*:*:*
Matching versions
Ipython » Ipython Notebook » Version: 0.13
cpe:2.3:a:ipython:ipython_notebook:0.13:*:*:*:*:*:*:*
Matching versions
Ipython » Ipython Notebook » Version: 0.13.1
cpe:2.3:a:ipython:ipython_notebook:0.13.1:*:*:*:*:*:*:*
Matching versions
Ipython » Ipython Notebook » Version: 0.13.2
cpe:2.3:a:ipython:ipython_notebook:0.13.2:*:*:*:*:*:*:*
Matching versions
Ipython » Ipython Notebook » Version: 1.0.0
cpe:2.3:a:ipython:ipython_notebook:1.0.0:*:*:*:*:*:*:*
Matching versions
Mageia » Mageia » Version: 3.0
cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*
Matching versions
Mageia » Mageia » Version: 4.0
cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-3429

EPSS FAQ

2.54%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 84 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-3429

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2014-3429

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-3429

http://www.mandriva.com/security/advisories?name=MDVSA-2015:160

mandriva.com
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/94497

IPython's Notebook server code execution CVE-2014-3429 Vulnerability Report
http://lists.opensuse.org/opensuse-updates/2014-08/msg00039.html

openSUSE-SU-2014:1060-1: moderate: update for IPython
Third Party Advisory
https://github.com/ipython/ipython/pull/4845

Add Origin Checking. by rgbkrk · Pull Request #4845 · ipython/ipython · GitHub
Patch;Issue Tracking
http://lambdaops.com/cross-origin-websocket-hijacking-of-ipython

One Weird Kernel Trick
Press/Media Coverage;Technical Description
https://bugzilla.redhat.com/show_bug.cgi?id=1119890

1119890 – (CVE-2014-3429) CVE-2014-3429 ipython: cross-domain websocket hijacking vulnerability
Issue Tracking
http://seclists.org/oss-sec/2014/q3/152

oss-sec: IPython Notebook Cross 2014-3429
Third Party Advisory;VDB Entry
http://permalink.gmane.org/gmane.comp.python.ipython.devel/13198

Broken Link
http://advisories.mageia.org/MGASA-2014-0320.html

Mageia Advisory: MGASA-2014-0320 - Updated ipython package fixes security vulnerability
Third Party Advisory

Jump to

Vulnerability Details : CVE-2014-3429

Products affected by CVE-2014-3429

Exploit prediction scoring system (EPSS) score for CVE-2014-3429

CVSS scores for CVE-2014-3429

CWE ids for CVE-2014-3429

References for CVE-2014-3429