CVE-2024-7473

6.5 MEDIUM

📋 TL;DR

An Insecure Direct Object Reference (IDOR) vulnerability in lunary-ai/lunary allows authenticated users to modify other users' prompts by manipulating the 'id' parameter in API requests. This affects all users of lunary versions 1.3.2 through 1.4.2. The vulnerability enables unauthorized data modification within the 'Evaluations' function of the 'umgws datasets' section.

💻 Affected Systems

Products:
  • lunary-ai/lunary
Versions: 1.3.2 through 1.4.2
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations with the 'Evaluations' function enabled in the 'umgws datasets' section. Requires authenticated user access.


⚠️ Risk & Real-World Impact

🔴

Worst Case

Malicious authenticated users could systematically modify or delete all user prompts, potentially corrupting AI training data, disrupting workflows, and causing data integrity issues across the entire platform.

🟠

Likely Case

Authenticated users accidentally or intentionally modify a limited number of other users' prompts, causing data inconsistencies and potential workflow disruptions for affected users.

🟢

If Mitigated

With proper access controls and monitoring, impact is limited to isolated incidents that can be quickly detected and rolled back with minimal disruption.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is trivial via parameter manipulation. The vulnerability was discovered through a bug bounty program.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.4.3

Vendor Advisory: https://github.com/lunary-ai/lunary/commit/88b55b01fcbab0fbbc5b8032a38d0345af98ecfa

Restart Required: Yes

Instructions:

1. Back up the current installation and data.
2. Update lunary to version 1.4.3 using your package manager or by pulling the latest version from GitHub.
3. Restart the lunary service.
4. Verify the fix by testing prompt modification permissions.

🔧 Temporary Workarounds

Implement API-level access controls

all

Add server-side authorization checks to verify users can only modify their own prompts

# Requires code modification to add user permission checks before processing evaluation update requests

Disable Evaluations function

all

Temporarily disable the vulnerable 'Evaluations' function in the 'umgws datasets' section

# Configuration depends on lunary deployment method. Check documentation for feature toggles.

🧯 If You Can't Patch

  • Implement network segmentation to restrict access to lunary API endpoints to only authorized users
  • Enable detailed logging of all evaluation modification requests and set up alerts for suspicious activity patterns

🔍 How to Verify

Check if Vulnerable:

Test if authenticated user A can modify evaluation prompts belonging to user B by manipulating the 'id' parameter in API requests to the evaluations endpoint.

Check Version:

Check lunary version in web interface or run: python -c "import lunary; print(lunary.__version__)"

Verify Fix Applied:

After patching, verify that authenticated users can only modify their own evaluation prompts and receive proper authorization errors when attempting to modify others' prompts.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authorization attempts on evaluations endpoints
  • User modifying evaluations with IDs not belonging to their account
  • Unusual pattern of evaluation modifications across different user IDs

Network Indicators:

  • HTTP POST/PUT requests to /api/evaluations/* endpoints with mismatched user IDs in parameters vs authentication tokens
  • High volume of evaluation modification requests from single user

SIEM Query:

source="lunary" AND (event_type="evaluation_update" OR endpoint="/api/evaluations/*") AND user_id != request_user_id
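The log and network indicators above, and the owner-versus-caller comparison the SIEM query expresses, as detection logic run over constructed records. This is an added example, not lunary's code or logging format: the record shape (requestUserId from the session, evaluationId from the request's 'id' parameter, ownerId joined from the evaluations table) and the burst threshold are assumptions.

```typescript
// Added illustration, not lunary's code: the two indicators checked over
// constructed records. The record shape is an assumption; in a real
// deployment ownerId would be joined from the evaluations table.

interface EvaluationUpdateEvent {
  ts: number;            // epoch seconds
  endpoint: string;      // request path
  requestUserId: string; // authenticated caller
  evaluationId: string;  // 'id' parameter sent by the client
  ownerId: string;       // owner of that evaluation as stored server-side
}

interface Finding {
  rule: "ownership_mismatch" | "burst";
  userId: string;
  detail: string;
}

function isEvaluationsEndpoint(path: string): boolean {
  return path.indexOf("/api/evaluations") === 0;
}

// Indicator 1: the caller is not the owner of the evaluation named in the
// request (the user_id != request_user_id clause of the SIEM query).
function findOwnershipMismatches(events: EvaluationUpdateEvent[]): Finding[] {
  const findings: Finding[] = [];
  for (const e of events) {
    if (!isEvaluationsEndpoint(e.endpoint)) continue;
    if (e.requestUserId !== e.ownerId) {
      findings.push({
        rule: "ownership_mismatch",
        userId: e.requestUserId,
        detail: e.evaluationId + " belongs to " + e.ownerId
      });
    }
  }
  return findings;
}

// Indicator 2: more than maxPerWindow updates from one account inside any
// windowSeconds span (sliding window over that account's sorted timestamps).
function findBursts(
  events: EvaluationUpdateEvent[],
  maxPerWindow: number,
  windowSeconds: number
): Finding[] {
  const timesByUser: { [userId: string]: number[] } = {};
  for (const e of events) {
    if (!isEvaluationsEndpoint(e.endpoint)) continue;
    (timesByUser[e.requestUserId] = timesByUser[e.requestUserId] || []).push(e.ts);
  }
  const findings: Finding[] = [];
  for (const userId of Object.keys(timesByUser)) {
    const times = timesByUser[userId].sort((a, b) => a - b);
    let start = 0;
    for (let end = 0; end < times.length; end++) {
      while (times[end] - times[start] > windowSeconds) start++;
      const count = end - start + 1;
      if (count > maxPerWindow) {
        findings.push({
          rule: "burst",
          userId: userId,
          detail: count + " updates within " + windowSeconds + "s"
        });
        break; // one finding per account is enough
      }
    }
  }
  return findings;
}

// Constructed sample: alice edits her own rows; bob walks through ids that
// belong to other accounts in quick succession.
const sampleEvents: EvaluationUpdateEvent[] = [
  { ts: 100, endpoint: "/api/evaluations/eval-1", requestUserId: "alice", evaluationId: "eval-1", ownerId: "alice" },
  { ts: 101, endpoint: "/api/evaluations/eval-1", requestUserId: "bob", evaluationId: "eval-1", ownerId: "alice" },
  { ts: 102, endpoint: "/api/evaluations/eval-3", requestUserId: "bob", evaluationId: "eval-3", ownerId: "carol" },
  { ts: 103, endpoint: "/api/evaluations/eval-2", requestUserId: "bob", evaluationId: "eval-2", ownerId: "bob" },
  { ts: 104, endpoint: "/api/evaluations/eval-4", requestUserId: "bob", evaluationId: "eval-4", ownerId: "dave" },
  { ts: 105, endpoint: "/api/evaluations/eval-5", requestUserId: "bob", evaluationId: "eval-5", ownerId: "erin" },
  { ts: 900, endpoint: "/api/evaluations/eval-6", requestUserId: "alice", evaluationId: "eval-6", ownerId: "alice" },
  { ts: 901, endpoint: "/api/projects/p1", requestUserId: "bob", evaluationId: "", ownerId: "" }
];

// Both rules over one batch; thresholds (4 updates per 60 s) are illustrative.
function analyse(events: EvaluationUpdateEvent[]): Finding[] {
  return findOwnershipMismatches(events).concat(findBursts(events, 4, 60));
}
```

On an unpatched instance the mismatch rule fires on every successful cross-account write, so it doubles as evidence of exploitation during incident review; after patching, the same records should show 403s instead of completed updates, and the rule then measures attempts rather than damage.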
