Anyscale.Ray.URL.Parameter.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure vulnerability in Anyscale Ray.
The vulnerability is due to the application not performing sufficient input validation on the user-supplied URL. A remote, unauthenticated attacker could exploit this vulnerability by sending a malicious request to the target server to retrieve sensitive information.
Affected Products
Anyscale Ray 2.6.3
Anyscale Ray 2.8.0
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Currently, we are unaware of any vendor-supplied patch or updates available for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |