CVE-2024-1625 - Vulnerability Details - OpenCVE

An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary application version 0.3.0, allowing unauthorized deletion of any organization's project. The vulnerability is due to insufficient authorization checks in the project deletion endpoint, where the endpoint fails to verify if the project ID provided in the request belongs to the requesting user's organization. As a result, an attacker can delete projects belonging to any organization by sending a crafted DELETE request with the target project's ID. This issue affects the project deletion functionality implemented in the projects.delete route.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Lunary	Lunary

Configuration 1 [-]

cpe:2.3:a:lunary:lunary:0.3.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec
https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21

History

Wed, 08 Jan 2025 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Lunary Lunary lunary
Weaknesses		CWE-639
CPEs		cpe:2.3:a:lunary:lunary:0.3.0:::::::*
Vendors & Products		Lunary Lunary lunary
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}`

MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-04-10T17:07:55.385Z

Updated: 2024-08-01T18:48:21.501Z

Reserved: 2024-02-19T12:34:34.510Z

Link: CVE-2024-1625

Vulnrichment

Updated: 2024-08-01T18:48:21.501Z

NVD

Status : Analyzed

Published: 2024-04-10T17:15:52.727

Modified: 2025-01-08T18:58:39.100

Link: CVE-2024-1625

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1625", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-02-19T12:34:34.510Z", "datePublished": "2024-04-10T17:07:55.385Z", "dateUpdated": "2024-08-01T18:48:21.501Z"}, "containers": {"cna": {"title": "IDOR Vulnerability in lunary-ai/lunary", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-04-16T11:10:26.520Z"}, "descriptions": [{"lang": "en", "value": "An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary application version 0.3.0, allowing unauthorized deletion of any organization's project. The vulnerability is due to insufficient authorization checks in the project deletion endpoint, where the endpoint fails to verify if the project ID provided in the request belongs to the requesting user's organization. As a result, an attacker can delete projects belonging to any organization by sending a crafted DELETE request with the target project's ID. This issue affects the project deletion functionality implemented in the projects.delete route."}], "affected": [{"vendor": "lunary-ai", "product": "lunary-ai/lunary", "versions": [{"version": "unspecified", "lessThan": "1.0.1", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21"}, {"url": "https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-863 Incorrect Authorization", "cweId": "CWE-863"}]}], "source": {"advisory": "cf6dd625-e6c9-44df-a072-13686816de21", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "lunary-ai", "product": "lunary", "cpes": ["cpe:2.3:a:lunary-ai:lunary:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.0.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-10T19:15:28.895607Z", "id": "CVE-2024-1625", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T13:12:36.469Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:21.501Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21", "tags": ["x_transferred"]}, {"url": "https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21", "tags": ["x_transferred"]}, {"url": "https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:21.501Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1625", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-10T19:15:28.895607Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:lunary-ai:lunary:*:*:*:*:*:*:*:*"], "vendor": "lunary-ai", "product": "lunary", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-20T16:35:52.408Z"}}], "cna": {"title": "IDOR Vulnerability in lunary-ai/lunary", "source": {"advisory": "cf6dd625-e6c9-44df-a072-13686816de21", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "lunary-ai", "product": "lunary-ai/lunary", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "1.0.1", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21"}, {"url": "https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec"}], "descriptions": [{"lang": "en", "value": "An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary application version 0.3.0, allowing unauthorized deletion of any organization's project. The vulnerability is due to insufficient authorization checks in the project deletion endpoint, where the endpoint fails to verify if the project ID provided in the request belongs to the requesting user's organization. As a result, an attacker can delete projects belonging to any organization by sending a crafted DELETE request with the target project's ID. This issue affects the project deletion functionality implemented in the projects.delete route."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-04-16T11:10:26.520Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1625", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:48:21.501Z", "dateReserved": "2024-02-19T12:34:34.510Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-04-10T17:07:55.385Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lunary:lunary:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "28E0EFA7-B041-4D28-82F5-F7415CEA91E8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary application version 0.3.0, allowing unauthorized deletion of any organization's project. The vulnerability is due to insufficient authorization checks in the project deletion endpoint, where the endpoint fails to verify if the project ID provided in the request belongs to the requesting user's organization. As a result, an attacker can delete projects belonging to any organization by sending a crafted DELETE request with the target project's ID. This issue affects the project deletion functionality implemented in the projects.delete route."}, {"lang": "es", "value": "Existe una vulnerabilidad de referencia directa a objetos inseguros (IDOR) en la versi\u00f3n 0.3.0 de la aplicaci\u00f3n lunary-ai/lunary, que permite la eliminaci\u00f3n no autorizada de cualquier proyecto de una organizaci\u00f3n. La vulnerabilidad se debe a comprobaciones de autorizaci\u00f3n insuficientes en el punto de conexi\u00f3n de eliminaci\u00f3n de proyectos, donde el punto de conexi\u00f3n no verifica si el ID del proyecto proporcionado en la solicitud pertenece a la organizaci\u00f3n del usuario solicitante. Como resultado, un atacante puede eliminar proyectos que pertenecen a cualquier organizaci\u00f3n enviando una solicitud DELETE manipulada con el ID del proyecto de destino. Este problema afecta a la funcionalidad de eliminaci\u00f3n de proyectos implementada en la ruta projects.delete."}], "id": "CVE-2024-1625", "lastModified": "2025-01-08T18:58:39.100", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-10T17:15:52.727", "references": [{"source": "security@huntr.dev", "tags": ["Patch"], "url": "https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/lunary-ai/lunary/commit/88f98e29f19da9d1f5de45c5b163fd5b48e0bcec"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://huntr.com/bounties/cf6dd625-e6c9-44df-a072-13686816de21"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security@huntr.dev", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-639"}], "source": "nvd@nist.gov", "type": "Primary"}]}