VULNRICHMENT:CVE-2024-1738 (vulnrichment, @huntr_ai)
Apr 16, 2024 - 12:00 a.m.

CVE-2024-1738 Incorrect Authorization in lunary-ai/lunary

2024-04-16 00:00:14
CWE-863
@huntr_ai
github.com
Tags: cve-2024-1738, incorrect authorization, lunary-ai/lunary, evaluations api, sql query, unauthorized access, private data

CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score: 7.4 High (Confidence: Low)
EPSS: 0.0004 Low (Percentile: 9.2%)

An incorrect authorization vulnerability exists in the lunary-ai/lunary repository, specifically within the evaluations.get route in the evaluations API endpoint. This vulnerability allows unauthorized users to retrieve the results of any organization’s evaluation by simply knowing the evaluation ID, due to the lack of project ID verification in the SQL query. As a result, attackers can gain access to potentially private data contained within the evaluation results.
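
The missing project ID check described above, shown as an added example beside its corrected form; this is not code from lunary-ai/lunary. The table, columns, function names and sample rows are hypothetical, and SQLite stands in for the project's database so the check runs offline.

```python
import sqlite3


def make_db():
    # Constructed sample data: one evaluation per project, two organizations.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE evaluation (
            id TEXT PRIMARY KEY, project_id TEXT NOT NULL, results TEXT);
        INSERT INTO evaluation VALUES
            ('eval-a', 'proj-org-a', 'org A private results'),
            ('eval-b', 'proj-org-b', 'org B private results');
    """)
    return db


def get_evaluation_unscoped(db, evaluation_id, caller_project_id):
    # Flawed pattern: the caller's project is known but never used in the
    # query, so knowing an evaluation ID is enough to read its results.
    row = db.execute(
        "SELECT results FROM evaluation WHERE id = ?",
        (evaluation_id,)).fetchone()
    return row[0] if row else None


def get_evaluation_scoped(db, evaluation_id, caller_project_id):
    # Corrected pattern: the row must also belong to the caller's project.
    # caller_project_id must come from the authenticated session, not from
    # the request body or URL.
    row = db.execute(
        "SELECT results FROM evaluation WHERE id = ? AND project_id = ?",
        (evaluation_id, caller_project_id)).fetchone()
    return row[0] if row else None


def leaked_ids(db, fetch, caller_project_id):
    # Regression check: IDs of other projects' evaluations that `fetch`
    # still returns to this caller. An empty list means the scope holds.
    foreign = db.execute(
        "SELECT id FROM evaluation WHERE project_id != ? ORDER BY id",
        (caller_project_id,)).fetchall()
    return [eid for (eid,) in foreign
            if fetch(db, eid, caller_project_id) is not None]


if __name__ == "__main__":
    db = make_db()
    print("unscoped:", leaked_ids(db, get_evaluation_unscoped, "proj-org-a"))
    print("scoped:  ", leaked_ids(db, get_evaluation_scoped, "proj-org-a"))
```

A check like `leaked_ids` fits in an integration test suite as a cross-tenant regression test for every route that looks up a record by ID.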

CNA Affected

[
  {
    "vendor": "lunary-ai",
    "product": "lunary-ai/lunary",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "1.2.4",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]
