CVE-2024-24594

9.9 CRITICAL

📋 TL;DR

A cross-site scripting (XSS) vulnerability in Allegro AI's ClearML platform allows remote attackers to execute malicious JavaScript when users view the Debug Samples tab. This affects all versions of ClearML's web server component, potentially compromising user sessions and data.

💻 Affected Systems

Products:
  • Allegro AI ClearML
Versions: All versions
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the web UI component when the Debug Samples tab is accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as authenticated users, redirect to malicious sites, or install malware on user systems.

🟠 Likely Case

Session hijacking leading to unauthorized access to ML models, training data, and platform functionality.

🟢 If Mitigated

Limited impact if proper Content Security Policy (CSP) headers are enforced and input validation is implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires user interaction (viewing the Debug Samples tab), but payload execution is straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Monitor Allegro AI security advisories for updates.

🔧 Temporary Workarounds

Disable Debug Samples Tab

Applies to: all

Remove or restrict access to the vulnerable Debug Samples tab in the web UI.

Configuration depends on ClearML deployment method. Consult ClearML documentation for UI customization.

Implement Content Security Policy

Applies to: all

Add strict CSP headers to prevent script execution from untrusted sources.

Add to the web server configuration: Content-Security-Policy: default-src 'self'; script-src 'self'

🧯 If You Can't Patch

  • Restrict network access to ClearML web UI using firewall rules or VPN.
  • Implement web application firewall (WAF) rules to detect and block XSS payloads.

🔍 How to Verify

Check if Vulnerable:

Test whether JavaScript executes when viewing the Debug Samples tab with crafted input.

Check Version:

Check the ClearML version via the web UI or the API endpoint /api/v2.0/system/version.

Verify Fix Applied:

Verify that script tags and JavaScript payloads are properly sanitized or blocked in the Debug Samples tab.

📡 Detection & Monitoring

Log Indicators:

  • Unusual JavaScript in Debug Samples requests
  • Multiple failed XSS attempts

Network Indicators:

  • Suspicious script tags in HTTP requests to Debug Samples endpoints

SIEM Query:

web.url:*debug*samples* AND (web.query:*script* OR web.query:*javascript*)
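The SIEM query above is a wildcard match on the raw URL and query string. The following added example (not part of this advisory or of ClearML) applies the same logic to constructed web access-log lines, URL-decoding the query first so percent-encoded payloads are not missed, and separates a tight match (script tag or javascript: URI) from the broad wildcard match, which also fires on harmless words such as "subscription". The debug_samples path and parameter names are assumptions for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed access-log lines, not taken from the page or a real ClearML deployment.
# Path and parameter names are assumptions for illustration only.
SAMPLE_LOG = """\
10.0.0.5 "GET /projects/p1/experiments/e1/debug_samples?metric=loss HTTP/1.1" 200
10.0.0.7 "GET /projects/p1/experiments/e1/debug_samples?metric=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200
10.0.0.9 "GET /projects/p1/experiments/e1/debug_samples?variant=javascript:alert(document.cookie) HTTP/1.1" 200
10.0.0.9 "GET /api/v2.0/system/version HTTP/1.1" 200
10.0.0.11 "GET /projects/p1/experiments/e1/debug_samples?sort=subscription HTTP/1.1" 200
"""

LOG_RE = re.compile(r'^(?P<client>\S+) "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})$')
PATH_RE = re.compile(r"debug.*samples", re.IGNORECASE)       # mirrors web.url:*debug*samples*
BROAD_RE = re.compile(r"script|javascript", re.IGNORECASE)   # mirrors the *script* / *javascript* wildcards
TIGHT_RE = re.compile(r"<\s*script\b|javascript\s*:", re.IGNORECASE)  # script tag or javascript: URI

def parse_line(line):
    """Parse one constructed log line; return None if it does not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    # Decode once so %3Cscript%3E and <script> are treated alike; a query run
    # on the raw URL would miss the percent-encoded form.
    return {"client": m.group("client"), "path": parts.path, "query": unquote(parts.query)}

def classify(entry):
    """Return 'none', 'broad' (only the wildcard query fires) or 'tight'."""
    if not PATH_RE.search(entry["path"]) or not BROAD_RE.search(entry["query"]):
        return "none"
    return "tight" if TIGHT_RE.search(entry["query"]) else "broad"

def scan(log_text):
    """Group parsed requests to Debug Samples endpoints by match strength."""
    results = {"tight": [], "broad": []}
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        verdict = classify(entry)
        if verdict != "none":
            results[verdict].append(entry)
    return results

if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for e in found["tight"]:
        print("ALERT ", e["client"], e["path"], e["query"])
    for e in found["broad"]:
        print("REVIEW", e["client"], e["path"], e["query"])
```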
