CVE-2024-0549

{"id": "CVE-2024-0549", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2024-04-16T00:15:07.603", "references": [{"url": "https://github.com/mintplex-labs/anything-llm/commit/026849df0224b6a8754f4103530bc015874def62", "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/fcb4001e-0290-4b78-a2f0-91ee5d20cc72", "source": "security@huntr.dev"}, {"url": "https://github.com/mintplex-labs/anything-llm/commit/026849df0224b6a8754f4103530bc015874def62", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://huntr.com/bounties/fcb4001e-0290-4b78-a2f0-91ee5d20cc72", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-23"}]}], "descriptions": [{"lang": "en", "value": "mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing unauthorized attackers with a default role account to delete files and folders within the filesystem, including critical database files such as 'anythingllm.db'. The vulnerability stems from insufficient input validation and normalization in the handling of file and folder deletion requests. Successful exploitation results in the compromise of data integrity and availability."}, {"lang": "es", "value": "mintplex-labs/anything-llm es vulnerable a un ataque de relative path traversal, lo que permite a atacantes no autorizados con una cuenta de rol predeterminada eliminar archivos y carpetas dentro del sistema de archivos, incluidos archivos de bases de datos cr\u00edticos como 'anythingllm.db'. La vulnerabilidad se debe a una validaci\u00f3n y normalizaci\u00f3n de entrada insuficientes en el manejo de solicitudes de eliminaci\u00f3n de archivos y carpetas. La explotaci\u00f3n exitosa resulta en el compromiso de la integridad y disponibilidad de los datos."}], "lastModified": "2024-11-21T08:46:50.990", "sourceIdentifier": "security@huntr.dev"}