CVE-2024-7475

9.1 CRITICAL

📋 TL;DR

This vulnerability allows unauthorized attackers to modify SAML configuration settings in lunary-ai/lunary version 1.3.2. This can lead to authentication bypass, fraudulent logins, and potential user data theft. Organizations using this specific version of the lunary software are affected.

💻 Affected Systems

Products:
  • lunary-ai/lunary
Versions: 1.3.2
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects version 1.3.2 of the lunary software. Earlier versions may also be vulnerable, but this is not confirmed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the authentication system, allowing attackers to impersonate any user, steal sensitive data, and maintain persistent access to the system.

🟠 Likely Case

Authentication bypass enabling unauthorized access to user accounts and potential data exfiltration.

🟢 If Mitigated

No impact if proper access controls prevent unauthorized SAML configuration changes.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires network access to the lunary instance but does not require authentication to modify SAML configuration.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 8f563c77d8614a72980113f530c7a9ec15a5f8d5

Vendor Advisory: https://github.com/lunary-ai/lunary/commit/8f563c77d8614a72980113f530c7a9ec15a5f8d5

Restart Required: Yes

Instructions:

1. Update to the latest version of lunary-ai/lunary.
2. Apply the security patch from commit 8f563c77d8614a72980113f530c7a9ec15a5f8d5.
3. Restart the lunary service.

🔧 Temporary Workarounds

Network Access Restriction (platform: all)

Restrict network access to the lunary instance to only trusted IP addresses.

SAML Configuration Monitoring (platform: all)

Implement monitoring and alerting for changes to SAML configuration files.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the lunary instance
  • Deploy additional authentication layers and monitor for suspicious authentication attempts

🔍 How to Verify

Check if Vulnerable:

Check if running lunary-ai/lunary version 1.3.2 by examining the software version in the application interface or configuration files.

Check Version:

Check the lunary configuration or package manager for version information.

Verify Fix Applied:

Verify that the deployed build includes commit 8f563c77d8614a72980113f530c7a9ec15a5f8d5, or check that SAML configuration changes now require proper authentication.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized SAML configuration modification attempts
  • Unexpected authentication source changes
  • Failed authentication attempts from unexpected sources

Network Indicators:

  • Unusual network traffic to SAML configuration endpoints
  • Authentication requests from unexpected IP addresses

SIEM Query:

source="lunary" AND (event="saml_config_change" OR event="auth_failure")
