CVE-2023-41881

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Oct 11, 2023

Updated: Oct 18, 2023

CWE ID 708

CWE ID 200

Summary

CVE-2023-41881 affects the vantage6 privacy-preserving federated learning infrastructure. When a collaboration is deleted, linked resources, such as tasks from that collaboration, should also be removed to prevent potential side-effects. In older versions, if a collaboration with id=10 is deleted and subsequently a new one with the same id is created, authenticated users may be able to view results of the deleted collaboration in some instances. Version 4.0.0 includes a patch to resolve this issue, and no workarounds are currently known.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Vantage6

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sj2yBc
https://www.cve.org/CVERecord?id=CVE-2023-41881
https://nvd.nist.gov/vuln/detail/CVE-2023-41881

Back to Vulnerability Database

CVE-2023-41881

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations