CVE-2024-5389
Published: 09 June 2024
Summary
CVE-2024-5389 is a high-severity Insufficient Granularity of Access Control (CWE-1220) vulnerability in Lunary (lunary-ai/lunary). Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Valid Accounts: Cloud Accounts (T1078.004). It is ranked at the 31.3rd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
This vulnerability is AI-related: it is categorised as Enterprise AI Assistants, falls in the Data-Related Vulnerabilities risk domain, and the MITRE ATLAS techniques in scope are AML.T0026, Search Open AI Vulnerability Analysis (AML.T0001) and External Harms (AML.T0048).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-1902
Vulnerability details
In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to create, update, get, and delete prompt variations for datasets not owned by their organization. This issue arises due to the application not properly validating the ownership of dataset prompts and their variations against the organization or project of the requesting user. As a result, unauthorized modifications to dataset prompts can occur, leading to altered or removed dataset prompts without proper authorization. This vulnerability impacts the integrity and consistency of dataset information, potentially affecting the results of experiments.
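The missing ownership check described above, as an added TypeScript illustration that is not Lunary's own code: the data model, function names and in-memory tables are assumptions. It places the vulnerable pattern (variation fetched by id alone) beside a hardened one that resolves the variation to its dataset and requires that dataset to belong to the requesting user's organisation and project, through one helper that every create/get/update/delete handler can share.

```typescript
// Added illustration, not Lunary's code: a simplified prompt-variation store
// modelled on the gap described above. Names and tables are assumptions.
type UserCtx = { id: string; orgId: string; projectId: string };
type DatasetRec = { id: string; orgId: string; projectId: string };
type PromptRec = { id: string; datasetId: string };
type VariationRec = { id: string; promptId: string; content: string };
// Constructed sample data: two organisations, each owning one dataset.
const datasets: DatasetRec[] = [
  { id: "ds-a", orgId: "org-a", projectId: "proj-a" },
  { id: "ds-b", orgId: "org-b", projectId: "proj-b" },
];
const prompts: PromptRec[] = [
  { id: "p-a", datasetId: "ds-a" },
  { id: "p-b", datasetId: "ds-b" },
];
const variations: VariationRec[] = [
  { id: "v-a", promptId: "p-a", content: "original A" },
  { id: "v-b", promptId: "p-b", content: "original B" },
];
const orgBUser: UserCtx = { id: "u-b", orgId: "org-b", projectId: "proj-b" };

// Vulnerable pattern: the variation is fetched by id alone, so any
// authenticated user can modify a variation owned by another organisation.
function updateVariationVulnerable(_user: UserCtx, id: string, content: string): string {
  const v = variations.find((x) => x.id === id);
  if (!v) return "not found";
  v.content = content;
  return "updated";
}

// Hardened pattern: resolve variation -> prompt -> dataset and require the
// dataset to belong to the caller's organisation and project. One helper
// serves create/get/update/delete so no handler can skip the check.
function findOwnedVariation(user: UserCtx, id: string): VariationRec | undefined {
  const v = variations.find((x) => x.id === id);
  const p = v && prompts.find((x) => x.id === v.promptId);
  const d = p && datasets.find((x) => x.id === p.datasetId);
  if (!d || d.orgId !== user.orgId || d.projectId !== user.projectId) return undefined;
  return v;
}
function updateVariationChecked(user: UserCtx, id: string, content: string): string {
  const v = findOwnedVariation(user, id);
  // Same response for "missing" and "not yours", so foreign ids are not confirmed.
  if (!v) return "not found";
  v.content = content;
  return "updated";
}
function contentOf(id: string): string | undefined {
  return variations.find((x) => x.id === id)?.content;
}
```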
- CWE(s): CWE-1220 Insufficient Granularity of Access Control
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain: Data-Related Vulnerabilities
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Lunary.ai is an observability and management platform for LLMs, enabling teams to manage prompts, datasets, and experiments. It fits the Enterprise AI Assistants category because it supports enterprise-level AI/LLM application monitoring and control.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The insufficient access control allows holders of valid cloud accounts (T1078.004) to perform unauthorized get operations, collecting data from information repositories (T1213), and unauthorized create/update/delete operations, amounting to stored data manipulation (T1565.001), on other organizations' datasets and prompts.
MITRE ATLAS Techniques
- AML.T0026
- Search Open AI Vulnerability Analysis (AML.T0001)
- External Harms (AML.T0048)
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Use of granular security and privacy attributes enables finer access control than coarse permission models alone.
- Documenting interface characteristics enables more granular control over internal access.
- Requiring the architecture to describe the granularity and placement of controls prevents insufficiently fine-grained access decisions.
- Placing system management functions outside the reach of user-level access controls provides the necessary granularity.
- Isolation supplies an explicit, enforceable granularity boundary between security and non-security functions that coarser access-control schemes lack.