CVE-2024-5550
Published: 06 June 2024
Summary
CVE-2024-5550 is a medium-severity Path Traversal (CWE-22) vulnerability in H2O H2O. Its CVSS base score is 5.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique System Owner/User Discovery (T1033); ranked in the top 20.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Other Platforms; in the Privacy and Disclosure risk domain; MITRE ATLAS techniques in scope: Obtain Capabilities (AML.T0016), Exfiltration via AI Inference API (AML.T0024).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-2199
Vulnerability details
In h2oai/h2o-3 version 3.40.0.4, an exposure of sensitive information vulnerability exists due to an arbitrary system path lookup feature. This vulnerability allows any remote user to view full paths in the entire file system where h2o-3 is hosted. Specifically, the…
more
issue resides in the Typeahead API call, which when requested with a typeahead lookup of '/', exposes the root filesystem including directories such as /home, /usr, /bin, among others. This vulnerability could allow attackers to explore the entire filesystem, and when combined with a Local File Inclusion (LFI) vulnerability, could make exploitation of the server trivial.
- CWE(s)
AI Security AnalysisAI
- AI Category
- Other Platforms
- Risk Domain
- Privacy and Disclosure
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- H2O-3 is an open-source machine learning platform from H2O.ai, fitting under 'Other Platforms' as a general AI/ML platform not matching more specific categories like Deep Learning Frameworks or NLP.
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Arbitrary system path lookup via Typeahead API enables remote filesystem enumeration, facilitating system owner/user discovery (/home), system information discovery (OS paths), file/directory discovery (full FS traversal), and software discovery (installed binaries in /usr/bin etc.).
MITRE ATLAS TechniquesAI
MITRE ATLAS techniques
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.