CVE-2024-45190

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 23, 2024
Updated: Aug 26, 2024
CWE ID 35

Summary

CVE-2024-45190 is a vulnerability in Mage AI that allows remote users with the "Viewer" role to exploit a path traversal flaw, enabling them to leak arbitrary files from the Mage server. This issue has a medium severity rating, with a confidentiality impact score classified as high, indicating significant risks to sensitive data exposure. The vulnerability requires low privileges for exploitation and does not necessitate user interaction, making it particularly concerning for organizations using Mage AI. To mitigate this risk, users are advised to apply any available security patches or updates from the vendor. Failure to address this vulnerability could lead to unauthorized access to confidential information, potentially compromising organizational security and compliance.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share