{}

{}

{}

{"acknowledgement": "This issue was discovered by Jitendra Yejare (Red Hat).", "bugzilla": {"description": "feast: Unauthenticated Arbitrary File Write", "id": "2429304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429304"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "status": "draft"}, "cwe": "CWE-862", "details": ["A vulnerability has been identified in the Feast Feature Server\u2019s `/save-document` endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling an attacker to overwrite vital application configurations or startup scripts. Because this flaw requires no credentials or special privileges, any attacker with network access to the server can potentially compromise the integrity of the system. This could lead to unauthorized system modifications, denial of service through disk exhaustion, or potential remote code execution."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-23537", "package_state": [{"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-feature-server-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2026-03-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23537\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23537"], "statement": "This Critical vulnerability in the Feast Feature Server's `/save-document` endpoint allows an unauthenticated, remote attacker to write arbitrary JSON files to the filesystem, bypassing path restrictions. This could lead to unauthorized system modifications or remote code execution.", "threat_severity": "Critical"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": null}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "product": "openshift_ai", "vendor": "redhat"}], "analysis": {"en": {"generated_at": "2026-03-21T07:40:20.532235+00:00", "value": {"mitigation_remediation": ["Apply the latest Feast Feature Server patch that fixes the unauthenticated arbitrary file write issue", "Restrict access to the /save-document endpoint to trusted IP addresses or networks", "Remove or restrict write permissions from directories used for configuration or startup scripts", "If the endpoint is not required, disable it in the application configuration", "Configure the web server to enforce file type restrictions and sanitize input paths", "Monitor logs for unexpected file creation or modification attempts", "As a temporary workaround, block unauthenticated traffic to the endpoint using a firewall rule"], "summary": {"action": "Immediate Patch", "impact": "Unauthorized file write leading to potential remote code execution"}, "threat_synthesis": {"affected_systems": "All deployments of the Feast Feature Server are potentially affected. The vulnerability targets the /save-document functionality and no specific product versions are disclosed, so any instance of this component should be treated as at risk.", "description_and_impact": "A flaw in the Feast Feature Server\u2019s /save-document endpoint permits an unauthenticated user to write arbitrary JSON files onto the server\u2019s filesystem. The application\u2019s intended file location restrictions can be bypassed, allowing an attacker to overwrite critical configuration files or startup scripts. This can result in unauthorized system modifications, denial of service through disk exhaustion, or even remote code execution if executable scripts are overwritten.", "risk_and_exploitability": "The CVSS score of 9.1 indicates critical severity, and because no authentication or privilege is required, the risk of exploitation is high for any network\u2011reachable attacker. The EPSS score is not available, but the lack of credentials or special permissions strongly suggests a high likelihood of exploitation. The vulnerability is not currently listed in CISA\u2019s catalog of known exploited vulnerabilities, but its characteristics make it a high\u2011risk target. The likely attack vector is an unauthenticated HTTP request to the /save-document endpoint with minimal prerequisites beyond network access."}}}}, "created": "2026-03-23T09:55:40.072818+00:00", "updated": "2026-03-24T10:35:10.087786+00:00", "vendors": ["redhat", "redhat$PRODUCT$openshift_ai"]}