CVE-2024-1902
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
lunary-ai/lunary is vulnerable to a session reuse attack, allowing a removed user to change the organization name without proper authorization. The vulnerability stems from the lack of validation to check if a user is still part of an organization before allowing them to make changes. An attacker can exploit this by using an old authorization token to send a PATCH request, modifying the organization's name even after being removed from the organization. This issue is due to incorrect synchronization and affects the orgs.patch route.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| lunary-ai | lunary-ai/lunary | unspecified < 1.2.8 | affected |
Weaknesses
- CWE-821: CWE-821 Incorrect Synchronization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
- https://huntr.com/bounties/e536310e-abe7-4585-9cf6-21f77390a5e8
- https://github.com/lunary-ai/lunary/commit/d8e2e73efd53ab4e92cf47bbf4b639a9f08853d2
References
- https://huntr.com/bounties/e536310e-abe7-4585-9cf6-21f77390a5e8
- https://github.com/lunary-ai/lunary/commit/d8e2e73efd53ab4e92cf47bbf4b639a9f08853d2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.