CVE-2024-6960
HIGHH2O Core - Remote Code Execution via Iced Model Deserialization
Title source: llmDescription
The H2O machine learning platform uses "Iced" classes as the primary means of moving Java Objects around the cluster. The Iced format supports inclusion of serialized Java objects. When a model is deserialized, any class is allowed to be deserialized (no class whitelist). An attacker can construct a crafted Iced model that uses Java gadgets and leads to arbitrary code execution when imported to the H2O platform.
References (2)
Core 2
Core References
Various Sources
https://mvnrepository.com/artifact/ai.h2o/h2o-core
Various Sources third-party-advisory
https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518/
Scores
CVSS v3
7.5
EPSS
0.0064
EPSS Percentile
46.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-502
Status
published
Products (1)
ai.h2o/h2o-core
0Maven
Published
Jul 21, 2024
Tracked Since
Feb 18, 2026