CVE-2024-45188
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-45188 is a vulnerability in Mage AI that allows remote users with the "Viewer" role to exploit a path traversal issue, leading to the potential leakage of arbitrary files from the Mage server. This vulnerability presents a medium severity risk, as it has a CVSS base score of 6.5, indicating high confidentiality impact with low privileges required for exploitation. Remediation efforts should focus on restricting access roles and implementing proper input validation to mitigate the risk. The attack vector is primarily network-based, requiring no user interaction, which raises concerns about unauthorized data exposure. Organizations utilizing Mage AI should prioritize addressing this vulnerability to protect sensitive information from potential leaks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.