CVE-2024-5213
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
In mintplex-labs/anything-llm versions up to and including 1.5.3, an issue was discovered where the password hash of a user is returned in the response after login (POST /api/request-token) and after account creations (POST /api/admin/users/new). This exposure occurs because the entire User object, including the bcrypt password hash, is included in the response sent to the frontend. This practice could potentially lead to sensitive information exposure despite the use of bcrypt, a strong hashing algorithm. It is recommended not to expose any clues about passwords to the frontend.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| mintplex-labs | mintplex-labs/anything-llm | unspecified < 1.0.0 | affected |
Weaknesses
- CWE-201: CWE-201 Insertion of Sensitive Information Into Sent Data
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://huntr.com/bounties/8794fb65-50aa-40e3-b348-a29838dbf63d
- https://github.com/mintplex-labs/anything-llm/commit/9df4521113ddb9a3adb5d0e3941e7d494992629c
References
- https://huntr.com/bounties/8794fb65-50aa-40e3-b348-a29838dbf63d
- https://github.com/mintplex-labs/anything-llm/commit/9df4521113ddb9a3adb5d0e3941e7d494992629c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.