CVE-2024-8487
Published: 20 March 2025
Summary
CVE-2024-8487 is a critical-severity Origin Validation Error (CWE-346) vulnerability in Modelscope Agentscope. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 49.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and CM-6 (Configuration Settings).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Mandates secure baseline configuration settings for the agentscope server to properly restrict CORS policies to trusted origins only, directly addressing the misconfiguration vulnerability.
Requires security safeguards for public web APIs like agentscope to prevent unauthorized cross-origin requests and information disclosure.
Enforces information flow control policies at the application level to validate origins and block unauthorized cross-origin API access.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The CVE describes a misconfigured CORS policy in a public-facing agentscope server that allows remote unauthenticated cross-origin API access, directly enabling exploitation of the public-facing application as per T1190.
NVD Description
A Cross-Origin Resource Sharing (CORS) vulnerability exists in modelscope/agentscope version v0.0.4. The CORS configuration on the agentscope server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This can lead…
more
to unauthorized data access, information disclosure, and potential further exploitation, thereby compromising the integrity and confidentiality of the system.
Deeper analysisAI
CVE-2024-8487 is a Cross-Origin Resource Sharing (CORS) vulnerability in modelscope/agentscope version v0.0.4. The flaw stems from improper CORS configuration on the agentscope server, which fails to restrict access to only trusted origins. This allows any external domain to make requests to the API, potentially leading to unauthorized data access, information disclosure, and further exploitation that compromises the system's integrity and confidentiality. The vulnerability is rated with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-346 (Origin Validation Error).
The vulnerability can be exploited remotely over the network by any unauthenticated attacker with no privileges required and no user interaction needed. Attackers can leverage the misconfigured CORS policy to bypass origin restrictions, enabling cross-origin requests from malicious websites or scripts. Successful exploitation grants high-impact access to sensitive data, allows modification of resources (integrity impact), and disrupts service availability, facilitating broader compromise of the affected agentscope deployment.
Advisories and details on the vulnerability are documented in the Huntr bounty report at https://huntr.com/bounties/7aca7507-a94e-4e63-83a2-15648e5c4067, which disclosed the issue originally. The CVE was published on 2025-03-20T10:15:42.360.
Details
- CWE(s)