CVE-2024-4151
📋 TL;DR
An improper access control vulnerability in lunary-ai/lunary version 1.2.2 allows users to view and update any prompts in any projects due to insufficient access control checks in PATCH and GET requests for template versions. This enables unauthorized manipulation or access to sensitive project data, affecting all users of the vulnerable version.
💻 Affected Systems
- lunary-ai/lunary
📦 What is this software?
Lunary by Lunary
⚠️ Risk & Real-World Impact
Worst Case
Malicious actors could modify or steal all prompt templates across all projects, leading to complete loss of data integrity and confidentiality, potentially enabling further attacks through manipulated prompts.
Likely Case
Unauthorized users accessing or modifying prompts they shouldn't have access to, leading to data leakage, prompt poisoning, or disruption of AI workflows.
If Mitigated
With proper access controls, users can only interact with prompts in projects they're authorized for, maintaining data segregation and integrity.
🎯 Exploit Status
Exploitation requires authenticated user access but no special privileges; simple HTTP requests can trigger the vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in commit ddfd497afd017a6946c582a1a806687fdac888bf
Vendor Advisory: https://github.com/lunary-ai/lunary/commit/ddfd497afd017a6946c582a1a806687fdac888bf
Restart Required: Yes
Instructions:
1. Update to the latest version of lunary-ai/lunary. 2. Apply the specific commit ddfd497afd017a6946c582a1a806687fdac888bf if not updating fully. 3. Restart the lunary service.
🔧 Temporary Workarounds
Network segmentation
allRestrict access to lunary instance to authorized users only using network controls.
API rate limiting
allImplement rate limiting on PATCH and GET endpoints to reduce attack surface.
🧯 If You Can't Patch
- Implement strict network access controls to limit who can reach the lunary instance.
- Monitor all PATCH and GET requests to /api/template-versions/ endpoints for unauthorized access patterns.
🔍 How to Verify
Check if Vulnerable:
Check if running lunary version 1.2.2 by examining package version or deployment configuration.Check Version:
Check package.json or deployment manifest for version 1.2.2Verify Fix Applied:
Verify the commit hash includes ddfd497afd017a6946c582a1a806687fdac888bf or test that users cannot access prompts outside their authorized projects.📡 Detection & Monitoring
Log Indicators:
- Multiple PATCH or GET requests to /api/template-versions/ from single user across different project IDs
- Access denied errors followed by successful access to unauthorized resources
Network Indicators:
- Unusual patterns of template version requests from users
- Requests to template endpoints with project IDs not associated with the user
SIEM Query:
source="lunary" AND (uri_path="/api/template-versions/*" AND user_id=* AND project_id NOT IN authorized_projects)