
CVSS: 5.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

27 Jun 2024 — In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can change the name of an organization due to improper access control. The function checkAccess() is not implemented, allowing users with the lowest privileges, such as the 'Prompt Editor' role, to modify organization attributes without proper authorization. • https://huntr.com/bounties/9e83f63f-c5c1-422f-8010-95c353f0c643 • CWE-284: Improper Access Control

CVSS: 5.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

27 Jun 2024 — In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the same email address (e.g., 'attacker123@gmail.com' and 'attacker.123@gmail.com'), leading to incorrect synchronization and potential security issues. • https://huntr.com/bounties/cf337d37-e602-482b-aa7a-9e34e7f13e1f • CWE-821: Incorrect Synchronization

CVSS: 7.4 • EPSS: 0% • CPEs: 2 • EXPL: 0

27 Jun 2024 — In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with team management permissions to manipulate project identifiers in requests, enabling them to invite users to projects in other organizations, change members to projects in other organizations with escalated privileges, and change members from other organizations to their own or other projects, also with escalated privileges. This vulnerability is due to the backend's failure to validate project identifiers against... • https://huntr.com/bounties/8cff4afa-131b-4a7e-9f0d-8a3c69f3d024 • CWE-284: Improper Access Control

CVSS: 9.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

06 Jun 2024 — A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application, specifically within the endpoint '/auth/saml/tto/download-idp-xml'. The vulnerability arises due to the application's failure to validate user-supplied URLs before using them in server-side requests. An attacker can exploit this vulnerability by sending a specially crafted request to the affected endpoint, allowing them to make unauthorized requests to internal or external resources. This could lead to the disclos... • https://huntr.com/bounties/80b09757-d9a0-44d1-932f-2461fc8fec69 • CWE-918: Server-Side Request Forgery (SSRF)

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

06 Jun 2024 — An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including 1.2.2, which allows unauthenticated users to delete any dataset. The vulnerability is due to the lack of proper authorization checks in the dataset deletion endpoint. Specifically, the endpoint does not verify if the provided project ID belongs to the current user, thereby allowing any dataset to be deleted without proper authentication. This issue was fixed in version 1.2.8. • https://github.com/lunary-ai/lunary/commit/14078c1d2b8766075bf655f187ece24c7a787776 • CWE-639: Authorization Bypass Through User-Controlled Key • CWE-863: Incorrect Authorization

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

06 Jun 2024 — An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting versions up to and including 1.2.2. The vulnerability allows unauthorized users to view any prompts in any projects by supplying a specific prompt ID to an endpoint that does not adequately verify the ownership of the prompt ID. This issue was fixed in version 1.2.25. • https://github.com/lunary-ai/lunary/commit/ddfd497afd017a6946c582a1a806687fdac888bf • CWE-284: Improper Access Control • CWE-639: Authorization Bypass Through User-Controlled Key

CVSS: 8.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

06 Jun 2024 — A Privilege Escalation Vulnerability exists in lunary-ai/lunary version 1.2.2, where any user can delete any datasets due to missing authorization checks. The vulnerability is present in the dataset deletion functionality, where the application fails to verify if the user requesting the deletion has the appropriate permissions. This allows unauthorized users to send a DELETE request to the server and delete any dataset by specifying its ID. The issue is located in the datasets.delete function within the dat... • https://github.com/lunary-ai/lunary/commit/14078c1d2b8766075bf655f187ece24c7a787776 • CWE-862: Missing Authorization

CVSS: 9.1 • EPSS: 0% • CPEs: 2 • EXPL: 0

06 Jun 2024 — In lunary-ai/lunary version 1.2.4, an account takeover vulnerability exists due to the exposure of password recovery tokens in API responses. Specifically, when a user initiates the password reset process, the recovery token is included in the response of the `GET /v1/users/me/org` endpoint, which lists all users in a team. This allows any authenticated user to capture the recovery token of another user and subsequently change that user's password without consent, effectively taking over the account. The is... • https://huntr.com/bounties/6057598d-93c4-4a94-bb80-5bd508013c5b • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.6 • EPSS: 0% • CPEs: 2 • EXPL: 0

06 Jun 2024 — An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically within the versions.patch functionality for updating prompts. Affected versions include 1.2.2 up to but not including 1.2.25. The vulnerability allows unauthorized users to update prompt details due to insufficient access control checks. This issue was addressed and fixed in version 1.2.25. • https://github.com/lunary-ai/lunary/commit/b7bd3a830a0f47ba07d0fd57bf78c4dd8a216297 • CWE-284: Improper Access Control

CVSS: 9.4 • EPSS: 0% • CPEs: 2 • EXPL: 0

06 Jun 2024 — An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary, affecting versions up to and including 1.2.2. This vulnerability allows unauthorized users to view, update, or delete any dataset_prompt or dataset_prompt_variation within any dataset or project. The issue stems from improper access control checks in the dataset management endpoints, where direct references to object IDs are not adequately secured against unauthorized access. This vulnerability was fixed in version ... • https://github.com/lunary-ai/lunary/commit/0755dde1afc2a74ec23b55eee03e4416916cf48f • CWE-284: Improper Access Control • CWE-639: Authorization Bypass Through User-Controlled Key