Lucene search

GoogleOSV:CVE-2024-4287

HistoryMay 20, 2024 - 1:15 p.m.

CVE-2024-4287

2024-05-2013:15:23

Google

osv.dev

vulnerability

input validation

json data

http request

database query

manager role

nested write operations

administrator accounts

software

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

6.7

Confidence

High

EPSS

Percentile

9.0%

JSON

In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to /api/workspace/:workspace-slug/update, allowing it to be executed as part of a database query without restrictions. This flaw enables users with a manager role to craft a request that includes nested write operations, effectively allowing them to create new Administrator accounts.

References

github.com/mintplex-labs/anything-llm/commit/94b58249a37a21b1c08deaa2d1edfdecbb6deb18

huntr.com/bounties/34491fb7-5133-4e80-8782-74124350bbdb

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

6.7

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for OSV:CVE-2024-4287