Lucene search

@huntr_aiVULNRICHMENT:CVE-2024-3102

HistoryJun 06, 2024 - 6:19 p.m.

CVE-2024-3102 JSON Injection in mintplex-labs/anything-llm

2024-06-0618:19:23

CWE-229

@huntr_ai

github.com

cve-2024-3102

json injection

mintplex-labs/anything-llm

endpoint

username parameter

brute force attacks

blind attacks

system security

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

A JSON Injection vulnerability exists in the mintplex-labs/anything-llm application, specifically within the username parameter during the login process at the /api/request-token endpoint. The vulnerability arises from improper handling of values, allowing attackers to perform brute force attacks without prior knowledge of the username. Once the password is known, attackers can conduct blind attacks to ascertain the full username, significantly compromising system security.

CNA Affected

[
  {
    "vendor": "mintplex-labs",
    "product": "mintplex-labs/anything-llm",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "1.0.0",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/mintplex-labs/anything-llm/commit/2374939ffb551ab2929d7f9d5827fe6597fa8caa

huntr.com/bounties/8af4650d-5955-44a4-86b4-d08e1c862b49

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for VULNRICHMENT:CVE-2024-3102