Simplify the vuln title for Triton Inference Server RCE.

PiperOrigin-RevId: 635875319 Change-Id: I188e14b1e06f72ef3aee949aa5ad7def5ff4b567
google · May 21, 2024 · d39aff0 · d39aff0
1 parent b8189d0
commit d39aff0
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 16 deletions.
diff --git a/...n/java/com/google/tsunami/plugins/detectors/rce/TritonInferenceServerRceVulnDetector.java b/...n/java/com/google/tsunami/plugins/detectors/rce/TritonInferenceServerRceVulnDetector.java
@@ -288,13 +288,13 @@ private DetectionReport buildDetectionReport(
                         .setPublisher("TSUNAMI_COMMUNITY")
                         .setValue("TritonInferenceServerRce"))
                 .setSeverity(Severity.CRITICAL)
-                .setTitle(
-                    "This detector checks triton inference server RCE with explicit model-control"
-                        + " option enabled")
+                .setTitle("Triton Inference Server RCE")
                 .setDescription(
-                    "All versions of triton inference server with the `--model-control explicit`"
-                        + " option and at least one loaded model can be overwritten by a malicious"
-                        + " model and lead to RCE.")
+                    "This detector checks triton inference server RCE with explicit model-control"
+                        + " option enabled. \n"
+                        + "All versions of triton inference server with the `--model-control"
+                        + " explicit` option allows for loaded models to be overwritten by "
+                        + " malicious models and lead to RCE.")
                 .setRecommendation("don't use `--model-control explicit` option with public access")
                 .addRelatedId(
                     VulnerabilityId.newBuilder().setPublisher("CVE").setValue("CVE-2023-31036")))

diff --git a/...va/com/google/tsunami/plugins/detectors/rce/TritonInferenceServerRceVulnDetectorTest.java b/...va/com/google/tsunami/plugins/detectors/rce/TritonInferenceServerRceVulnDetectorTest.java
@@ -18,7 +18,11 @@
 
 import static com.google.common.truth.extensions.proto.ProtoTruth.assertThat;
 import static com.google.tsunami.common.data.NetworkEndpointUtils.forHostnameAndPort;
-import static com.google.tsunami.plugins.detectors.rce.TritonInferenceServerRceVulnDetector.*;
+import static com.google.tsunami.plugins.detectors.rce.TritonInferenceServerRceVulnDetector.MODEL_CONFIG;
+import static com.google.tsunami.plugins.detectors.rce.TritonInferenceServerRceVulnDetector.PYTHON_MODEL;
+import static com.google.tsunami.plugins.detectors.rce.TritonInferenceServerRceVulnDetector.UPLOAD_CONFIG_PAYLOAD;
+import static com.google.tsunami.plugins.detectors.rce.TritonInferenceServerRceVulnDetector.UPLOAD_MODEL_PAYLOAD;
+import static java.nio.charset.StandardCharsets.UTF_8;
 
 import com.google.common.collect.ImmutableList;
 import com.google.common.truth.Truth;
@@ -45,7 +49,6 @@
 import java.util.Base64;
 import java.util.Objects;
 import javax.inject.Inject;
-
 import okhttp3.mockwebserver.Dispatcher;
 import okhttp3.mockwebserver.MockResponse;
 import okhttp3.mockwebserver.MockWebServer;
@@ -120,13 +123,13 @@ public void detect_whenVulnerable_returnsVulnerability() throws IOException {
                                 .setPublisher("TSUNAMI_COMMUNITY")
                                 .setValue("TritonInferenceServerRce"))
                         .setSeverity(Severity.CRITICAL)
-                        .setTitle(
-                            "This detector checks triton inference server RCE with explicit"
-                                + " model-control option enabled")
+                        .setTitle("Triton Inference Server RCE")
                         .setDescription(
-                            "All versions of triton inference server with the `--model-control"
-                                + " explicit` option and at least one loaded model can be"
-                                + " overwritten by a malicious model and lead to RCE.")
+                            "This detector checks triton inference server RCE with explicit"
+                                + " model-control option enabled. \n"
+                                + "All versions of triton inference server with the"
+                                + " `--model-control explicit` option allows for loaded models to"
+                                + " be overwritten by  malicious models and lead to RCE.")
                         .setRecommendation(
                             "don't use `--model-control explicit` option with public access")
                         .addRelatedId(
@@ -177,7 +180,7 @@ public MockResponse dispatch(RecordedRequest request) {
                               UPLOAD_CONFIG_PAYLOAD,
                               Base64.getEncoder()
                                   .encodeToString(
-                                      String.format(MODEL_CONFIG, "metasploit").getBytes())))
+                                      String.format(MODEL_CONFIG, "metasploit").getBytes(UTF_8))))
                       || request
                           .getBody()
                           .readString(StandardCharsets.UTF_8)
@@ -186,7 +189,7 @@ public MockResponse dispatch(RecordedRequest request) {
                                   UPLOAD_MODEL_PAYLOAD,
                                   Base64.getEncoder()
                                       .encodeToString(
-                                          PYTHON_MODEL.substring(0, 20).getBytes()))))) {
+                                          PYTHON_MODEL.substring(0, 20).getBytes(UTF_8)))))) {
                 return new MockResponse().setResponseCode(200);
               }
             }