CVE-2024-3829
Published: 03 June 2024
Summary
CVE-2024-3829 is a critical-severity Link Following (CWE-59) vulnerability in Qdrant Qdrant. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked in the top 46.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Similarity Search; in the Supply Chain and Deployment risk domain; MITRE ATLAS techniques in scope: AI Supply Chain Compromise (AML.T0010), Exfiltration via AI Inference API (AML.T0024), External Harms (AML.T0048).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-1965
Vulnerability details
qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file read by adding a symlink that points to…
more
a desired file on the filesystem and arbitrary file write by including a symlink and a payload file in the snapshot's directory structure. This vulnerability allows for the reading and writing of arbitrary files on the server, which could potentially lead to a full takeover of the system. The issue is fixed in version v1.9.0.
- CWE(s)
AI Security AnalysisAI
- AI Category
- Similarity Search
- Risk Domain
- Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Qdrant is an open-source vector database designed for similarity search and storage of embeddings, commonly used in AI/ML applications for semantic search and RAG systems.
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Arbitrary file read enables local data collection (T1005), file discovery (T1083), and credential theft from files (T1552.001). Arbitrary file write enables local account creation via /etc/passwd edits (T1136.001), systemd service modification (T1543.002), and sudo abuse via /etc/sudoers edits (T1548.003).
MITRE ATLAS TechniquesAI
MITRE ATLAS techniques
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.