ZenML < 0.56.3 Vulnerability - CVE-2024-2383

#%NASL_MIN_LEVEL 80900

##
# Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(213481);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/01/16");

  script_cve_id("CVE-2024-2383");

  script_name(english:"ZenML < 0.56.3 Vulnerability - CVE-2024-2383");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of ZenML installed on the remote host is prior to 0.56.3. It is, therefore, affected by a
clickjacking vulnerability due to the application's failure to set appropriate X-Frame-Options or 
Content-Security-Policy HTTP headers. This vulnerability allows an attacker to embed the application UI 
within an iframe on a malicious page, potentially leading to unauthorized actions by tricking users into 
interacting with the interface under the attacker's control.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.");
  # https://github.com/zenml-io/zenml/commit/f863fde1269bc355951f8cfc826c0244d88ad5e9
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bd5c5fc0");
  script_set_attribute(attribute:"see_also", value:"https://huntr.com/bounties/22d26f5a-c0ae-4344-aa7d-08ff5ada3963");
  script_set_attribute(attribute:"solution", value:
"Upgrade to ZenML version 0.56.3 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-2383");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(1021);

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/06/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/06/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/01/03");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:zenml:zenml");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Artificial Intelligence");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("zenml_detect.nbin", "python_zenml_detect.nbin");
  script_require_keys("installed_sw/ZenML");

  exit(0);
}

include('vcf.inc');

var app_info = vcf::combined_get_app_info(app:'ZenML');
var constraints = [
    { 'min_version':'0.1', 'fixed_version':'0.56.3' },
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);