CVE-2023-6017
Published: 16 November 2023
Summary
CVE-2023-6017 is a high-severity vulnerability in H2O (vendor H2O). No CWE has been assigned, so the weakness type is unspecified. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Compromise Infrastructure: Web Services (T1584.006). The CVE is ranked at the 41.3rd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
This vulnerability is AI-related: categorised as Other Platforms, in the Supply Chain and Deployment risk domain, with the MITRE ATLAS technique AI Supply Chain Compromise (AML.T0010) in scope.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-58282
Vulnerability details
H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL.
- CWE(s): none listed (weakness type unspecified)
AI Security Analysis
- AI Category: Other Platforms
- Risk Domain: Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: H2O is an AI/ML platform (H2O.ai's machine learning engine), and the vulnerability was reported on a bug bounty platform specifically for AI/ML (huntr.com), confirming AI relevance. The issue involves a reference to a deleted S3 bucket in H2O, fitting 'Other Platforms' as it doesn't match more specific categories like Deep Learning Frameworks or NLP.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables takeover of an S3 bucket URL referenced by H2O. S3 bucket names are globally unique, and once the original owner deletes a bucket, any AWS account can re-create one under the same name; every H2O component, script or document that still resolves the old URL then fetches attacker-controlled content. That is a compromise of web-services infrastructure (Compromise Infrastructure: Web Services, T1584.006), and the re-claimed bucket is a ready-made place to stage malware or tooling on cloud storage (Stage Capabilities: Upload Malware, T1608.001).
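The dangling-reference condition behind this CVE (a bucket name that was deleted and can be re-claimed by anyone) is something a build or release pipeline can check for, and the consuming side can defend against by pinning what it downloads. The block below is an added example, not H2O's code and not the proof-of-concept referenced above. It extracts bucket names from the S3 URL forms commonly found in configs and scripts, flags any name that nobody owns any more (an unauthenticated HEAD against S3 returns 404 for an unclaimed name and 200, 301 or 403 for a claimed one), and shows digest pinning so content served from a re-claimed bucket is rejected. The bucket names, the sample configuration and the stubbed ownership set are constructed for the example; `find_dangling` and `fetch_pinned` take injectable callables so the demonstration runs offline, with the real network functions as their defaults.

```python
"""Scan text for S3 bucket references, flag names that are no longer claimed,
and pin fetched artifacts to a digest. Added example, not H2O's own code."""
import hashlib
import hmac
import re
from typing import Callable, List, Set
from urllib.error import HTTPError
from urllib.request import Request, urlopen

# S3 URL shapes seen in configs and scripts: s3://bucket/key,
# https://bucket.s3[.region].amazonaws.com/key and
# https://s3[.region].amazonaws.com/bucket/key (legacy "s3-region" dash form too).
_BUCKET = r"([a-z0-9.\-]{3,63})"
_S3_PATTERNS = [
    re.compile(r"s3://" + _BUCKET, re.IGNORECASE),
    re.compile(r"https?://" + _BUCKET + r"\.s3(?:[.-][a-z0-9-]+)?\.amazonaws\.com", re.IGNORECASE),
    re.compile(r"https?://s3(?:[.-][a-z0-9-]+)?\.amazonaws\.com/" + _BUCKET, re.IGNORECASE),
]


def extract_s3_buckets(text: str) -> Set[str]:
    """Return every bucket name referenced in text, lower-cased."""
    found = set()
    for pattern in _S3_PATTERNS:
        for match in pattern.finditer(text):
            found.add(match.group(1).lower())
    return found


def s3_bucket_exists(bucket: str, timeout: float = 5.0) -> bool:
    """Live check: unauthenticated HEAD on the path-style URL.
    S3 answers 404 when the name is unclaimed; 200, 301 or 403 all mean some
    AWS account owns it. Network errors propagate instead of reading as 'safe'."""
    req = Request(f"https://s3.amazonaws.com/{bucket}/", method="HEAD")
    try:
        with urlopen(req, timeout=timeout) as resp:
            return resp.status < 400
    except HTTPError as err:
        return err.code != 404


def find_dangling(text: str, exists: Callable[[str], bool] = s3_bucket_exists) -> List[str]:
    """Bucket names in text that nobody owns any more. Each one is claimable
    by an attacker, which is exactly the CVE-2023-6017 condition."""
    return sorted(b for b in extract_s3_buckets(text) if not exists(b))


def verify_artifact(data: bytes, expected_sha256: str) -> bool:
    """Constant-time comparison of the artifact digest against a pinned value."""
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_sha256.lower())


def _http_get(url: str, timeout: float = 30.0) -> bytes:
    with urlopen(url, timeout=timeout) as resp:
        return resp.read()


def fetch_pinned(url: str, expected_sha256: str,
                 fetch: Callable[[str], bytes] = _http_get) -> bytes:
    """Download and refuse anything that does not match the pinned digest,
    so a re-claimed bucket cannot substitute its own content."""
    data = fetch(url)
    if not verify_artifact(data, expected_sha256):
        raise ValueError(f"SHA-256 mismatch for {url}: refusing to use the download")
    return data


# Constructed sample configuration (hypothetical bucket names, not H2O's real ones).
SAMPLE_CONFIG = """
datasets.base    = s3://example-live-datasets/benchmarks/
model.download   = https://example-released-artifacts.s3.amazonaws.com/models/latest.zip
docs.mirror      = https://s3.us-east-1.amazonaws.com/example-live-datasets/docs/index.html
"""

# Stand-in for the live S3 check so the example runs offline: only this name is "owned".
STUB_OWNED = {"example-live-datasets"}

if __name__ == "__main__":
    print("claimable bucket names:", find_dangling(SAMPLE_CONFIG, exists=STUB_OWNED.__contains__))
    pinned = hashlib.sha256(b"model-bytes").hexdigest()
    print(fetch_pinned("https://example/model", pinned, fetch=lambda _u: b"model-bytes"))
    try:
        fetch_pinned("https://example/model", pinned, fetch=lambda _u: b"attacker-bytes")
    except ValueError as err:
        print("rejected:", err)
```

Run it against a repository (for example `find_dangling(open(path).read())` over every config, script and doc file) with the default live check to get the list of names that would need to be re-claimed by you before an attacker does; on the consuming side, the pinned digest has to come from the release process, not from the same bucket the artifact is fetched from, or the takeover would control both.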
MITRE ATLAS Techniques
- AI Supply Chain Compromise (AML.T0010)
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.