CVE-2024-11602
📋 TL;DR
A CORS misconfiguration in feast-dev/feast version 0.40.0 allows any external domain to make requests to the agentscope server API, bypassing intended security controls. This can lead to unauthorized access to sensitive information. Organizations running vulnerable feast installations with internet-facing agentscope servers are affected.
💻 Affected Systems
- feast-dev/feast
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could exfiltrate sensitive data, perform unauthorized API operations, or chain with other vulnerabilities to compromise the entire feast deployment.
Likely Case
Unauthorized cross-origin requests could access sensitive API endpoints, potentially exposing configuration data, model information, or other feast-related data.
If Mitigated
With proper CORS restrictions, only trusted origins can access the API, maintaining intended security boundaries.
🎯 Exploit Status
Exploitation requires only web browser access and knowledge of the agentscope server endpoint. No authentication or special tools needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.40.1 or later
Vendor Advisory: https://huntr.com/bounties/7b24ecbe-0af7-4125-ab56-bce09786042e
Restart Required: Yes
Instructions:
1. Update feast to version 0.40.1 or later using pip: 'pip install feast>=0.40.1' 2. Restart the agentscope server service 3. Verify the CORS configuration now properly restricts origins
🔧 Temporary Workarounds
Configure CORS restrictions manually
allManually configure the agentscope server to only allow trusted origins
Edit agentscope server configuration to set 'allowed_origins' to specific trusted domains
Use reverse proxy with CORS controls
allPlace agentscope server behind a reverse proxy that enforces proper CORS headers
Configure nginx/apache to add 'Access-Control-Allow-Origin' headers with specific origins
🧯 If You Can't Patch
- Place agentscope server behind a web application firewall (WAF) with CORS policy enforcement
- Restrict network access to agentscope server using firewall rules to only allow trusted IP ranges
🔍 How to Verify
Check if Vulnerable:
Check if agentscope server responds with 'Access-Control-Allow-Origin: *' header to cross-origin requests using browser developer tools or curl: 'curl -H "Origin: http://malicious.com" -I http://your-server:port'Check Version:
python -c "import feast; print(feast.__version__)"Verify Fix Applied:
Verify that cross-origin requests from untrusted domains are blocked and only trusted origins receive proper CORS headers📡 Detection & Monitoring
Log Indicators:
- Multiple failed CORS preflight requests
- Requests from unexpected origins to agentscope endpoints
- Unusual API access patterns from external domains
Network Indicators:
- Cross-origin requests to agentscope server from untrusted domains
- OPTIONS requests followed by unauthorized API calls
SIEM Query:
source="agentscope" AND (http_method="OPTIONS" OR origin!="trusted-domain")