Impact
The vulnerability in Mythic arises from a broken permission filter in the Hasura layer that manages the payload_build_step table. An always‑satisfied _or condition in the filter removes the intended operation‑scoped restriction, allowing legitimate users to read step_stdout, step_stderr, step_name, and step_description data for every operation hosted on the server. This flaw permits an authenticated operator or spectator to access potentially sensitive execution details from all payloads, exposing confidential information that should be isolated to the owning operation.
Affected Systems
The issue affects the Mythic platform, specifically versions earlier than 3.4.0.60, released by its‑a‑feature. Any deployment running those versions, regardless of environment, is susceptible. The flaw does not affect later releases.
Risk and Exploitability
The CVSS score of 7.1 classifies the weakness as high severity. Because the exploit requires authenticated access and the EPSS score is currently unavailable, the risk is moderate but significant. The lack of a KEV listing indicates no known widely‑available public exploit, but an attacker with operator or spectator credentials can immediately retrieve all payload operation logs, constituting a confidentiality breach rather than a code execution vector.
OpenCVE Enrichment