Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users
History

Thu, 22 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Mage
Mage mage-ai
Weaknesses CWE-200
CPEs cpe:2.3:a:mage:mage-ai:*:*:*:*:*:python:*:*
Vendors & Products Mage
Mage mage-ai
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 22 Aug 2024 08:00:00 +0000

Type Values Removed Values Added
Description Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users
Title Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: JFROG

Published: 2024-08-22T07:52:52.184Z

Updated: 2024-11-25T12:43:15.618Z

Reserved: 2024-08-22T06:51:56.652Z

Link: CVE-2024-8072

cve-icon Vulnrichment

Updated: 2024-08-22T13:56:18.938Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-08-22T08:15:04.360

Modified: 2024-11-25T13:15:08.297

Link: CVE-2024-8072

cve-icon Redhat

No data.