{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0782", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2025-01-28T13:18:01.044Z", "datePublished": "2025-05-02T20:11:19.114Z", "dateUpdated": "2025-05-06T15:02:12.763Z"}, "containers": {"cna": {"title": "Missing Authorization in h2oai/h2o-3", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-05-02T20:11:19.114Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the 'h2o-release' bucket. This issue affects all versions and could enable an attacker to overwrite any file in the bucket. As users download binary files such as JARs from this bucket, this vulnerability could lead to remote code execution (RCE) on any user who uses the application. Additionally, an attacker could modify the documentation to include malicious download links."}], "affected": [{"vendor": "h2oai", "product": "h2oai/h2o-3", "versions": [{"version": "unspecified", "lessThan": "Fixed by DevOps in aws config", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/4587cec7-8bc5-48ab-8614-105d41c99151"}, {"url": "https://github.com/h2oai/h2o-3/commit/6740655b70cef40ec67d952bee2d23f7d33c7419"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "baseScore": 10, "baseSeverity": "CRITICAL"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862"}]}], "source": {"advisory": "4587cec7-8bc5-48ab-8614-105d41c99151", "discovery": "EXTERNAL"}}, "adp": [{"references": [{"url": "https://huntr.com/bounties/4587cec7-8bc5-48ab-8614-105d41c99151", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-06T15:01:52.441715Z", "id": "CVE-2025-0782", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-06T15:02:12.763Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0782", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-06T15:01:52.441715Z"}}}], "references": [{"url": "https://huntr.com/bounties/4587cec7-8bc5-48ab-8614-105d41c99151", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-06T15:02:05.550Z"}}], "cna": {"title": "Missing Authorization in h2oai/h2o-3", "source": {"advisory": "4587cec7-8bc5-48ab-8614-105d41c99151", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "h2oai", "product": "h2oai/h2o-3", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "Fixed by DevOps in aws config", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/4587cec7-8bc5-48ab-8614-105d41c99151"}, {"url": "https://github.com/h2oai/h2o-3/commit/6740655b70cef40ec67d952bee2d23f7d33c7419"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the 'h2o-release' bucket. This issue affects all versions and could enable an attacker to overwrite any file in the bucket. As users download binary files such as JARs from this bucket, this vulnerability could lead to remote code execution (RCE) on any user who uses the application. Additionally, an attacker could modify the documentation to include malicious download links."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-05-02T20:11:19.114Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0782", "state": "PUBLISHED", "dateUpdated": "2025-05-06T15:02:12.763Z", "dateReserved": "2025-01-28T13:18:01.044Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2025-05-02T20:11:19.114Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the 'h2o-release' bucket. This issue affects all versions and could enable an attacker to overwrite any file in the bucket. As users download binary files such as JARs from this bucket, this vulnerability could lead to remote code execution (RCE) on any user who uses the application. Additionally, an attacker could modify the documentation to include malicious download links."}, {"lang": "es", "value": "Una vulnerabilidad en la configuraci\u00f3n del bucket S3 para h2oai/h2o-3 permite acceso p\u00fablico de escritura al bucket \"h2o-release\". Este problema afecta a todas las versiones y podr\u00eda permitir a un atacante sobrescribir cualquier archivo del bucket. Al descargar archivos binarios, como JAR, desde este bucket, esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo (RCE) en cualquier usuario que utilice la aplicaci\u00f3n. Adem\u00e1s, un atacante podr\u00eda modificar la documentaci\u00f3n para incluir enlaces de descarga maliciosos."}], "id": "CVE-2025-0782", "lastModified": "2025-05-06T15:16:00.720", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.8, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2025-05-02T21:15:23.550", "references": [{"source": "security@huntr.dev", "url": "https://github.com/h2oai/h2o-3/commit/6740655b70cef40ec67d952bee2d23f7d33c7419"}, {"source": "security@huntr.dev", "url": "https://huntr.com/bounties/4587cec7-8bc5-48ab-8614-105d41c99151"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://huntr.com/bounties/4587cec7-8bc5-48ab-8614-105d41c99151"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@huntr.dev", "type": "Secondary"}]}

{}