CVE-2024-8183

CVSS 3.0 Score 7.6 of 10 (high)

Details

Published Mar 20, 2025

CWE ID 346

Summary

CVE-2024-8183 is a Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability affecting version 2.20.2 of prefecthq/prefect. This issue permits unauthorized domains to access sensitive data, posing a significant risk. The unauthorized access could potentially lead to data leaks, loss of confidentiality, service disruption, and data integrity risks. The vulnerability arises due to a misconfiguration of the CORS settings, allowing unintended domains to make requests that should be restricted. This weakness can result in unauthorized access to the underlying database, highlighting the importance of properly securing CORS configurations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Prefect

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners