CVE-2024-9096
Published: 20 March 2025
Summary
CVE-2024-9096 is a high-severity Missing Authorization (CWE-862) vulnerability in Lunary Lunary. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Stored Data Manipulation (T1565.001); ranked at the 34.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Other ATLAS/OWASP Terms risk domain.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires enforcement mechanisms like access control middleware to restrict PATCH requests on /checklists/:id to authorized users such as project owners or admins.
Implements least privilege to ensure low-privilege project users cannot modify checklist data, slugged fields, or workflows.
Restricts access to modifications of project resources like checklists to defined roles, mitigating unauthorized changes to business logic and integrity.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The improper access control in the /checklists/:id PATCH endpoint enables low-privilege users to modify stored checklist data (e.g., slug or content), facilitating stored data manipulation to tamper with project workflows and business logic integrity.
NVD Description
In lunary-ai/lunary version 1.4.28, the /checklists/:id route allows low-privilege users to modify checklists by sending a PATCH request. The route lacks proper access control, such as middleware to ensure that only authorized users (e.g., project owners or admins) can modify…
more
checklist data. This vulnerability allows any user associated with the project, regardless of their role, to modify checklists, including changing the slug or data fields, which can lead to tampering with essential project workflows, altering business logic, and introducing errors that undermine integrity.
Deeper analysisAI
CVE-2024-9096 is a missing authorization vulnerability in lunary-ai/lunary version 1.4.28. The /checklists/:id route permits low-privilege users to modify checklists through PATCH requests due to the absence of proper access control middleware, which should restrict modifications to authorized users such as project owners or admins. This issue, mapped to CWE-862, carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N).
The vulnerability can be exploited by any user associated with a project, irrespective of their role, who can send a PATCH request to the affected endpoint. Successful exploitation allows modification of checklist data, including slug or other fields, enabling attackers to tamper with essential project workflows, alter business logic, and introduce errors that compromise data integrity.
Mitigation is provided via a patch in the commit at https://github.com/lunary-ai/lunary/commit/a8d7b2959e87c30fbafdb12af7ffa093385dcc60. Additional details on the vulnerability and fix are documented on the Huntr bounty page at https://huntr.com/bounties/653e7109-4c21-4e33-b636-7598d3202b9a.
Details
- CWE(s)
Affected Products
AI Security AnalysisAI
- AI Category
- Enterprise AI Assistants
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Lunary-ai/lunary is an open-source LLM observability and engineering platform for AI/ML projects, fitting the Enterprise AI Assistants category as it supports management and workflows for enterprise AI applications.