CVE-2024-3149
Published: 06 June 2024
Summary
CVE-2024-3149 is a high-severity Server-Side Request Forgery (SSRF, CWE-918) vulnerability in mintplex-labs/anything-llm (listed in NVD as Mintplexlabs Anythingllm). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). It is ranked at the 32.4th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
This vulnerability is AI-related: it is categorised as Enterprise AI Assistants, in the Other ATLAS/OWASP Terms risk domain. MITRE ATLAS techniques in scope: Discover AI Model Ontology (AML.T0013), AML.T0038, AI Model Inference API Access (AML.T0040).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-31747
Vulnerability details
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload link feature of mintplex-labs/anything-llm. This feature, intended for users with manager or admin roles, processes uploaded links through an internal Collector API using a headless browser. An attacker can exploit this by hosting a malicious website and using it to perform actions such as internal port scanning, accessing internal web applications not exposed externally, and interacting with the Collector API. This interaction can lead to unauthorized actions such as arbitrary file deletion and limited Local File Inclusion (LFI), including accessing NGINX access logs which may contain sensitive information.
Because the Collector renders the submitted page in a real browser, the link itself can point at an ordinary public host: it is the attacker's JavaScript, executing with the browser's internal network position, that issues the requests to internal services and to the Collector API. Validating only the submitted URL therefore does not stop this class of attack; the browser's outbound connections must also be constrained.
- CWE(s): CWE-918 (Server-Side Request Forgery)
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain: Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: mintplex-labs/anything-llm is an open-source full-stack LLM application for document chatting and AI workflows, classified as an Enterprise AI Assistant platform. The vulnerability is in its upload link feature using a Collector API.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SSRF allows internal port scanning (Network Service Discovery, T1046), LFI for accessing local files like NGINX logs (Data from Local System, T1005), and arbitrary file deletion via the Collector API (Indicator Removal: File Deletion, T1070.004).
MITRE ATLAS Techniques
- Discover AI Model Ontology (AML.T0013)
- AML.T0038
- AI Model Inference API Access (AML.T0040)
Affected Assets
- mintplex-labs/anything-llm: upload link feature and the internal Collector API it calls
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Penetration testing attempts server-side requests to internal resources, identifying SSRF weaknesses for remediation.
- Outbound connections to external resources can be monitored and limited at the boundary, reducing SSRF impact.
- Validates server-side URLs and resource references to block SSRF attempts.
- Detects server-side request forgery through monitoring of unexpected outbound connections.
For this CVE the second and fourth controls matter most. The fetch is performed by a headless browser that follows redirects, resolves DNS at request time and runs attacker-supplied JavaScript, so an allow-list check on the submitted URL can be bypassed by redirect, DNS rebinding or script-initiated requests. The URL check is still worth having as a first filter, but the effective control is egress filtering applied to the Collector's browser process itself, denying loopback, RFC 1918, link-local (including the 169.254.169.254 metadata endpoint) and the Collector API's own listener, with alerts on any attempt.