CVE-2023-47117
📋 TL;DR
This vulnerability in Label Studio lets an attacker who can reach the task filter API pass filter parameters that are handed unchecked to Django ORM lookups. By chaining relationship lookups (relation__field__lookup) across models and using comparison lookups such as startswith, the attacker turns the filter into a yes/no oracle and leaks sensitive user data one character at a time. Separately, the Django SECRET_KEY was hardcoded, so anyone who knows it can forge signed session tokens and impersonate any user. All Label Studio installations prior to version 1.9.2post0 are affected.
💻 Affected Systems
- Label Studio
📦 What is this software?
Label Studio by HumanSignal, an open-source, Django-based data labeling and annotation platform.
⚠️ Risk & Real-World Impact
Worst Case
Complete account takeover of all users, unauthorized access to all labeled data, and potential exposure of sensitive information stored in the platform.
Likely Case
Unauthorized access to user accounts, exposure of sensitive labeling data, and potential privilege escalation within the platform.
If Mitigated
Network segmentation and access controls limit who can reach the instance, but any user who can authenticate can still abuse the filter oracle, and the hardcoded key remains usable for session forgery by anyone who can reach the application. Only the patch removes the flaw.
🎯 Exploit Status
Exploiting the ORM leak requires an understanding of Django ORM lookup chains and a character-by-character extraction loop against the filter API; it is noisy (at least one request per recovered character) but needs no special tooling. The hardcoded secret key makes session forgery straightforward for anyone who knows the key, which is public because the software is open source.
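The mechanism described above, as an added illustration that is not Label Studio's code and not part of the original page: a toy filter API that resolves user-controlled relation__field__lookup keys the way Django's ORM does, the loop that turns it into a character-by-character startswith oracle, and an allowlisted version of the same filter. The model names (Task, User, created_by) and the password-hash target are assumptions for the illustration, not the actual vulnerable fields in Label Studio.

```python
"""ORM-leak illustration of the filter-chain bug class behind CVE-2023-47117.

Added example, not Label Studio's code. Model and field names are assumptions.
"""
from dataclasses import dataclass


@dataclass
class User:
    username: str
    password: str  # password hash: a field the task filter must never reach


@dataclass
class Task:
    id: int
    data: str
    created_by: User


# Lookup names mirror Django's. The bug: the client picks both the path and the lookup.
LOOKUPS = {
    "exact": lambda field, arg: field == arg,
    "contains": lambda field, arg: arg in str(field),
    "startswith": lambda field, arg: str(field).startswith(arg),
}


def split_key(key):
    """'created_by__password__startswith' -> (['created_by', 'password'], 'startswith')."""
    parts = key.split("__")
    if parts[-1] in LOOKUPS:
        return parts[:-1], parts[-1]
    return parts, "exact"


def resolve(obj, path):
    """Follow attributes along the path, as Django joins across foreign keys."""
    for part in path:
        obj = getattr(obj, part)
    return obj


def filter_tasks_vulnerable(tasks, **filters):
    """Vulnerable: any field reachable through any relation can be filtered on."""
    results = list(tasks)
    for key, arg in filters.items():
        path, lookup = split_key(key)
        results = [t for t in results if LOOKUPS[lookup](resolve(t, path), arg)]
    return results


ALLOWED_FIELDS = {"id", "data", "created_by__username"}
ALLOWED_LOOKUPS = {"exact", "contains", "startswith"}


def filter_tasks_hardened(tasks, **filters):
    """Fixed: allowlist the field path and the lookup before building the query."""
    for key in filters:
        path, lookup = split_key(key)
        if "__".join(path) not in ALLOWED_FIELDS or lookup not in ALLOWED_LOOKUPS:
            raise ValueError(f"filter not allowed: {key}")
    return filter_tasks_vulnerable(tasks, **filters)


def is_rejected(**filters):
    """True if the hardened filter refuses this filter set."""
    try:
        filter_tasks_hardened(SAMPLE_TASKS, **filters)
    except ValueError:
        return True
    return False


ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789$_"


def leak_field(filter_fn, tasks, path, pin, alphabet=ALPHABET, max_len=128):
    """Recover a hidden field one character at a time through a startswith oracle.

    `pin` holds filters that select the victim row (here the username).
    Returns (recovered_value, number_of_filter_queries).
    """
    known, queries = "", 0
    while len(known) < max_len:
        for ch in alphabet:
            queries += 1
            if filter_fn(tasks, **pin, **{f"{path}__startswith": known + ch}):
                known += ch
                break
        else:
            break  # nothing extends the prefix: the whole value has been recovered
    return known, queries


# Constructed sample data, not real credentials.
ALICE_HASH = "pbkdf2_sha256$600000$c0ffee$deadbeef"
SAMPLE_TASKS = [
    Task(1, "cat.jpg", User("alice", ALICE_HASH)),
    Task(2, "dog.jpg", User("bob", "pbkdf2_sha256$600000$1234$abcd")),
]

if __name__ == "__main__":
    value, n = leak_field(filter_tasks_vulnerable, SAMPLE_TASKS,
                          "created_by__password", pin={"created_by__username": "alice"})
    print(f"leaked {value!r} with {n} filter requests")
    print("hardened filter rejects it:", is_rejected(created_by__password__startswith="p"))
```

The allowlist is the fix, but it only works if it is chosen from fields the requester is already authorized to read: leaving a partial-match lookup on any field that is not meant to be visible (even a username) re-creates a smaller version of the same oracle. The query counter shows why the attack is loud in logs: every recovered character costs up to one request per alphabet symbol.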
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.9.2post0
Vendor Advisory: https://github.com/HumanSignal/label-studio/security/advisories/GHSA-6hjj-gq77-j4qw
Restart Required: Yes
Instructions:
1. Back up your Label Studio data and configuration.
2. Update Label Studio to version 1.9.2post0 or later, for example with pip: pip install 'label-studio>=1.9.2post0'
3. Restart the Label Studio service.
4. Verify the update (pip show label-studio). Because the pre-patch signing key was hardcoded and therefore public, make sure the upgraded deployment runs with its own unique Django SECRET_KEY and force users to re-authenticate so that sessions issued under the old key are no longer accepted.
🔧 Temporary Workarounds
No workarounds available. The vendor advisory states there are no known workarounds for this vulnerability.
🧯 If You Can't Patch
- Isolate the Label Studio instance from the internet and restrict access to trusted users only
- Log and alert on task filter API requests whose filter keys chain into related models (double-underscore lookups reaching user fields) and on rapid runs of near-identical filter requests from one source
🔍 How to Verify
Check if Vulnerable:
Check if Label Studio version is below 1.9.2post0 by examining the installed package version
Check Version:
pip show label-studio | grep Version
Verify Fix Applied:
Confirm the installed version is 1.9.2post0 or higher. For installs from a git checkout, confirm the fix commit is in the history: git merge-base --is-ancestor f931d9d129002f54a495995774ce7384174cef5c HEAD (exit status 0 means it is included).
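A version check that treats the post-release suffix correctly, as an added example that is not part of the page or of the project: a plain string comparison ranks 1.9.10 below 1.9.2, and a parser that drops the suffix treats 1.9.2post0 as 1.9.2 and reports the patched version as vulnerable. The package name label-studio and the version string are read from pip metadata; nothing else is assumed.

```python
"""Version check for CVE-2023-47117 that handles the post-release tag correctly.

Added example, not from the page or the project. Minimal PEP 440 release plus
post-release comparison, enough for Label Studio version tags.
"""
import re
from importlib.metadata import PackageNotFoundError, version

FIXED_VERSION = "1.9.2post0"
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:[.\-_]?post(\d*))?$")


def parse_version(text):
    """'1.9.2post0' -> ((1, 9, 2), 0); '1.9.2' -> ((1, 9, 2), -1).

    Trailing zeros are stripped so 1.9.2.0 equals 1.9.2. Pre-release and dev
    tags (rc, a, b, dev) are rejected outright rather than misranked.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unsupported version string: {text!r}")
    release = [int(part) for part in m.group(1).split(".")]
    while len(release) > 1 and release[-1] == 0:
        release.pop()
    # A bare "post" means post0; no post segment sorts below any post release.
    post = -1 if m.group(2) is None else int(m.group(2) or "0")
    return tuple(release), post


def is_vulnerable(installed, fixed=FIXED_VERSION):
    """True if the installed version is older than the first fixed release."""
    return parse_version(installed) < parse_version(fixed)


def check_installed_label_studio():
    """Return (version, vulnerable) for the label-studio package, or None if absent."""
    try:
        v = version("label-studio")
    except PackageNotFoundError:
        return None
    return v, is_vulnerable(v)


if __name__ == "__main__":
    print(check_installed_label_studio() or "label-studio is not installed here")
```

Run it inside the same virtual environment or container that serves Label Studio; pip metadata from a different interpreter says nothing about the running instance.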
📡 Detection & Monitoring
Log Indicators:
- Task filter requests whose filter keys chain through related models with double-underscore lookups, especially into user fields
- Long runs of near-identical filter requests from one source in which a startswith-style value grows by one character each time
- Authenticated activity under a user session with no corresponding login event for that user (a possible forged session cookie)
Network Indicators:
- Unusual API requests to filter endpoints with complex query parameters
- Rapid sequential requests to task filtering endpoints
SIEM Query:
source="label-studio" AND (uri_path="/api/tasks/filter" OR uri_path="/api/tasks") AND query_parameters CONTAINS "__" AND (query_parameters CONTAINS "startswith" OR query_parameters CONTAINS "contains" OR query_parameters CONTAINS "regex")
Pseudo-query: adapt the field names and syntax to your SIEM. Filters sent in a JSON request body do not appear in proxy access logs, so application-level request logging is needed to see them.
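The log indicators above, as added detection logic that is not part of the original page or of Label Studio: it runs over constructed reverse-proxy access lines, extracts Django-style field__lookup pairs from the query string of task filter requests, and alerts on filters that reach a sensitive field and on bursts of startswith-style lookups whose value grows by one character per request. The query-string encoding of filters, the endpoint paths, the sensitive field names and the thresholds are assumptions for the example.

```python
"""Detection of ORM-leak style filter abuse in reverse-proxy access logs.

Added example, not from the page or Label Studio. Assumes filters appear as
field__lookup=value pairs in the query string of task filter requests.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import parse_qsl, urlsplit

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
FILTER_PATHS = ("/api/tasks", "/api/tasks/filter")  # assumed endpoints
LOOKUPS = {"exact", "contains", "icontains", "startswith", "istartswith", "regex", "iregex"}
ORACLE_LOOKUPS = {"startswith", "istartswith", "regex", "iregex"}
SENSITIVE_FIELDS = {"password", "token", "secret", "api_key"}  # assumed names


def parse_line(line):
    """Combined-format access line -> dict with parsed ORM-style lookups, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["url"])
    lookups = []
    for key, value in parse_qsl(url.query, keep_blank_values=True):
        parts = key.split("__")
        if len(parts) < 2:
            continue  # plain parameter such as project=1, not an ORM lookup
        if parts[-1] in LOOKUPS:
            field, lookup = "__".join(parts[:-1]), parts[-1]
        else:
            field, lookup = key, "exact"
        lookups.append((field, lookup, value))
    return {"ip": m["ip"], "user": m["user"], "path": url.path,
            "ts": datetime.strptime(m["ts"], TS_FMT), "lookups": lookups}


def max_growth_steps(events, window):
    """Most one-character prefix extensions (per field) seen inside any time window."""
    events.sort(key=lambda e: e[0])
    best, start = 0, 0
    for end in range(len(events)):
        while events[end][0] - events[start][0] > window:
            start += 1
        steps, last = 0, {}
        for _, field, value in events[start:end + 1]:
            prev = last.get(field)
            if prev is not None and value.startswith(prev) and len(value) == len(prev) + 1:
                steps += 1
            last[field] = value
        best = max(best, steps)
    return best


def analyze(lines, window=timedelta(seconds=60), threshold=4):
    """Return sorted alert tuples: ('sensitive_field', ip, field) and ('oracle_burst', ip, steps)."""
    alerts = set()
    oracle_events = defaultdict(list)
    for rec in filter(None, map(parse_line, lines)):
        if not rec["path"].startswith(FILTER_PATHS):
            continue
        for field, lookup, value in rec["lookups"]:
            if any(part in SENSITIVE_FIELDS for part in field.split("__")):
                alerts.add(("sensitive_field", rec["ip"], field))
            if lookup in ORACLE_LOOKUPS:
                oracle_events[rec["ip"]].append((rec["ts"], field, value))
    for ip, events in oracle_events.items():
        steps = max_growth_steps(events, window)
        if steps >= threshold:
            alerts.add(("oracle_burst", ip, steps))
    return sorted(alerts)


# Constructed sample log lines, not real traffic.
LOG_LINES = [
    '10.0.0.5 - alice [21/Nov/2023:10:00:01 +0000] "GET /api/tasks?project=1&created_by__password__startswith=p HTTP/1.1" 200',
    '10.0.0.5 - alice [21/Nov/2023:10:00:02 +0000] "GET /api/tasks?project=1&created_by__password__startswith=pb HTTP/1.1" 200',
    '10.0.0.5 - alice [21/Nov/2023:10:00:03 +0000] "GET /api/tasks?project=1&created_by__password__startswith=pbk HTTP/1.1" 200',
    '10.0.0.5 - alice [21/Nov/2023:10:00:04 +0000] "GET /api/tasks?project=1&created_by__password__startswith=pbkd HTTP/1.1" 200',
    '10.0.0.5 - alice [21/Nov/2023:10:00:05 +0000] "GET /api/tasks?project=1&created_by__password__startswith=pbkdf HTTP/1.1" 200',
    '10.0.0.5 - alice [21/Nov/2023:10:00:06 +0000] "GET /api/tasks?project=1&created_by__password__startswith=pbkdf2 HTTP/1.1" 200',
    '10.0.0.9 - bob [21/Nov/2023:10:00:03 +0000] "GET /api/tasks?project=1&data__startswith=img HTTP/1.1" 200',
    '10.0.0.9 - bob [21/Nov/2023:10:05:00 +0000] "GET /api/projects/1 HTTP/1.1" 200',
]

if __name__ == "__main__":
    for alert in analyze(LOG_LINES):
        print(alert)
```

The sensitive-field rule fires on the first request and is the one to page on; the prefix-growth rule is slower but catches the same technique against fields you did not think to list. Both depend on the filter being visible in the log line, which is why the SIEM note above asks for application-level logging when filters travel in a JSON body.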
🔗 References
- https://github.com/HumanSignal/label-studio/commit/f931d9d129002f54a495995774ce7384174cef5c
- https://github.com/HumanSignal/label-studio/security/advisories/GHSA-6hjj-gq77-j4qw