
CVE-2024-5389

Severity: High · Public PoC

Published: 09 June 2024
Modified: 21 November 2024
KEV Added: not listed
Patch: not recorded
CVSS Score v3.1: 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.0013 (31.3rd percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-5389 is a high-severity Insufficient Granularity of Access Control (CWE-1220) vulnerability in lunary-ai/lunary. Its CVSS v3.1 base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Cloud Accounts (T1078.004): the attacker needs nothing more than a valid low-privileged account. EPSS ranks it at the 31.3rd percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related: it is categorised as Enterprise AI Assistants, falls in the Data-Related Vulnerabilities risk domain, and has the MITRE ATLAS techniques AML.T0026, Search Open AI Vulnerability Analysis (AML.T0001) and External Harms (AML.T0048) in scope.


Vulnerability details

In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to create, update, get, and delete prompt variations for datasets not owned by their organization. This issue arises because the application does not validate the ownership of dataset prompts and their variations against the organization or project of the requesting user. As a result, unauthorized modifications to dataset prompts can occur, leading to altered or removed dataset prompts without proper authorization. This vulnerability impacts the integrity and consistency of dataset information, potentially affecting the results of experiments.
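The flaw above is a classic tenant-scoping gap: the variation row is fetched by its id alone, so the authorization question "does this object belong to the caller's project?" is never asked. The following is an added illustration written for this page, not Lunary's own code; the store, the `AuthContext`/`PromptVariation` shapes, the `projectId` field and the sample rows are all constructed assumptions. It places the vulnerable lookup beside a scoped one and applies the same scoping to get, update, delete and create (create must validate the parent dataset prompt, or a user can inject variations into another organisation's dataset).

```typescript
// Added illustration, not Lunary's own code: the ownership gap described in
// CVE-2024-5389 (a variation row fetched by id alone) next to a scoped lookup.
// All names, the in-memory store and the sample rows are constructed here.

interface AuthContext {
  userId: string;
  orgId: string;
  projectId: string; // assumed: derived from the session/API key, never from the request
}

interface PromptVariation {
  id: string;
  datasetPromptId: string;
  projectId: string; // assumed: the owning project (and hence organisation) of the dataset
  content: string;
}

type Store = PromptVariation[];

// Constructed sample data: one variation in each of two projects/organisations.
function sampleStore(): Store {
  return [
    { id: "var-1", datasetPromptId: "dp-1", projectId: "proj-A", content: "Summarise: {{input}}" },
    { id: "var-2", datasetPromptId: "dp-2", projectId: "proj-B", content: "Translate: {{input}}" },
  ];
}

// Vulnerable shape: the row is located by id only. Any authenticated user who
// knows or guesses the id can read, change or delete another organisation's
// variation. (Equivalent SQL: WHERE id = $1)
function updateVariationVulnerable(store: Store, _ctx: AuthContext, id: string, content: string): boolean {
  const row = store.find((v) => v.id === id);
  if (!row) return false;
  row.content = content;
  return true;
}

// Hardened shape: every lookup is scoped by the caller's project. A row that
// exists in another project is indistinguishable from a missing one, so the
// endpoint does not become an oracle for enumerating other tenants' ids.
// (Equivalent SQL: WHERE id = $1 AND project_id = $2)
function findOwned(store: Store, ctx: AuthContext, id: string): PromptVariation | undefined {
  return store.find((v) => v.id === id && v.projectId === ctx.projectId);
}

function getVariation(store: Store, ctx: AuthContext, id: string): PromptVariation | undefined {
  return findOwned(store, ctx, id);
}

function updateVariation(store: Store, ctx: AuthContext, id: string, content: string): boolean {
  const row = findOwned(store, ctx, id);
  if (!row) return false;
  row.content = content;
  return true;
}

function deleteVariation(store: Store, ctx: AuthContext, id: string): boolean {
  const idx = store.findIndex((v) => v.id === id && v.projectId === ctx.projectId);
  if (idx === -1) return false;
  store.splice(idx, 1);
  return true;
}

// Create must also check the parent: the dataset prompt the variation is
// attached to has to belong to the caller's project.
function createVariation(
  store: Store,
  ctx: AuthContext,
  datasetPrompts: { id: string; projectId: string }[],
  datasetPromptId: string,
  content: string,
): PromptVariation | undefined {
  const parent = datasetPrompts.find((p) => p.id === datasetPromptId && p.projectId === ctx.projectId);
  if (!parent) return undefined;
  const row: PromptVariation = { id: `var-${store.length + 1}`, datasetPromptId, projectId: parent.projectId, content };
  store.push(row);
  return row;
}

// Demonstration: a user in project B tries to tamper with project A's variation.
function demo(): { vulnerableChanged: boolean; hardenedChanged: boolean } {
  const attacker: AuthContext = { userId: "u-b", orgId: "org-B", projectId: "proj-B" };
  const vulnerableChanged = updateVariationVulnerable(sampleStore(), attacker, "var-1", "tampered");
  const hardenedChanged = updateVariation(sampleStore(), attacker, "var-1", "tampered");
  return { vulnerableChanged, hardenedChanged };
}
```

The design point is that the tenant filter lives in the lookup helper, so no handler can forget it, and that a foreign object returns the same "not found" as a missing one. When reviewing a fix for this class of bug, check that the project or organisation id used in the filter comes from the authenticated context rather than from a request parameter, since a client-supplied id only moves the same flaw one field over.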

CWE(s)

CWE-1220 Insufficient Granularity of Access Control

AI Security Analysis

AI Category
Enterprise AI Assistants
Risk Domain
Data-Related Vulnerabilities
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Lunary.ai is an observability and management platform for LLMs, enabling teams to manage prompts, datasets, and experiments, fitting the Enterprise AI Assistants category as it supports enterprise-level AI/LLM application monitoring and control.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1078.004 Cloud Accounts (Stealth)
Valid accounts in cloud environments may allow adversaries to perform actions to achieve Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
T1213 Data from Information Repositories (Collection)
Adversaries may leverage information repositories to mine valuable information.
T1565.001 Stored Data Manipulation (Impact)
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

The insufficient access control allows any valid cloud account (T1078.004) to perform unauthorized get operations for data collection (T1213) and create/update/delete operations for stored data manipulation (T1565.001) on other organizations' dataset prompts and variations.

MITRE ATLAS Techniques

AML.T0026
AML.T0001: Search Open AI Vulnerability Analysis
AML.T0048: External Harms

Affected Assets

Vendor: lunary
Product: lunary
Version: 1.2.13

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-1220: Use of granular security and privacy attributes enables finer access control than coarse permission models alone.

Addresses CWE-1220: Documenting interface characteristics enables more granular control over internal access.

Addresses CWE-1220: Requires the architecture to describe granularity and placement of controls, preventing insufficiently fine-grained access decisions.

Addresses CWE-1220: Provides the necessary granularity by placing system management functions outside the reach of user-level access controls.

Addresses CWE-1220: Isolation supplies an explicit, enforceable granularity boundary between security and non-security functions that coarser access-control schemes lack.
