Cyber Resilience

CVE-2024-4151

HighPublic PoC

Published: 20 May 2024

Published
20 May 2024
Modified
31 January 2025
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score 0.0013 31.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-4151 is a high-severity Authorization Bypass Through User-Controlled Key (CWE-639) vulnerability in Lunary Lunary. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Cloud API (T1059.009); ranked at the 31.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as Other Platforms; in the Privacy and Disclosure risk domain; MITRE ATLAS techniques in scope: AI Supply Chain Compromise (AML.T0010), Obtain Capabilities (AML.T0016), LLM Prompt Injection (AML.T0051).

EU & UK References

Vulnerability details

An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users can view and update any prompts in any projects due to insufficient access control checks in the handling of PATCH and GET requests for template versions. This vulnerability…

more

allows unauthorized users to manipulate or access sensitive project data, potentially leading to data integrity and confidentiality issues.

CWE(s)

AI Security AnalysisAI

AI Category
Other Platforms
Risk Domain
Privacy and Disclosure
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Lunary.ai is an open-source LLM observability and management platform for monitoring, debugging, and improving LLM applications, fitting under 'Other Platforms' as it is neither a framework, library, nor specific AI subdomain tool but a broader AI/ML platform. The vulnerability affects access to prompts and project data used in AI/LLM workflows.

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1059.009 Cloud API Execution
Adversaries may abuse cloud APIs to execute malicious commands.
T1213 Data from Information Repositories Collection
Adversaries may leverage information repositories to mine valuable information.
T1565.001 Stored Data Manipulation Impact
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

The improper access control in GET/PATCH requests for template versions enables unauthorized data collection from information repositories (T1213) and stored data manipulation (T1565.001) via abuse of the cloud/web API (T1059.009).

MITRE ATLAS TechniquesAI

MITRE ATLAS techniques

AML.T0010: AI Supply Chain CompromiseAML.T0016: Obtain CapabilitiesAML.T0051: LLM Prompt InjectionAML.T0048: External Harms

Affected Assets

lunary
lunary
≤ 1.2.25

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-639

Per-request decision making makes it harder to bypass authorization using user-controlled keys without proper validation in the decision process.

addresses: CWE-639

Consistent enforcement of approved authorizations makes bypassing via user-controlled keys ineffective.

References