Cyber Posture

CVE-2024-9096

HighPublic PoC

Published: 20 March 2025

Published
20 March 2025
Modified
15 October 2025
KEV Added
Patch
CVSS Score 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
EPSS Score 0.0014 34.5th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.

Security Summary

CVE-2024-9096 is a missing authorization vulnerability in lunary-ai/lunary version 1.4.28. The /checklists/:id route permits low-privilege users to modify checklists through PATCH requests due to the absence of proper access control middleware, which should restrict modifications to authorized users such as project owners or admins. This issue, mapped to CWE-862, carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N).

The vulnerability can be exploited by any user associated with a project, irrespective of their role, who can send a PATCH request to the affected endpoint. Successful exploitation allows modification of checklist data, including slug or other fields, enabling attackers to tamper with essential project workflows, alter business logic, and introduce errors that compromise data integrity.

Mitigation is provided via a patch in the commit at https://github.com/lunary-ai/lunary/commit/a8d7b2959e87c30fbafdb12af7ffa093385dcc60. Additional details on the vulnerability and fix are documented on the Huntr bounty page at https://huntr.com/bounties/653e7109-4c21-4e33-b636-7598d3202b9a.

Details

CWE(s)
CWE-862NVD-CWE-noinfo

Affected Products

lunary
lunary
1.4.28

AI Security Analysis

AI Category
Enterprise AI Assistants
Risk Domain
Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025
None mapped
MITRE ATLAS Techniques
None mapped
Classification Reason
Lunary-ai/lunary is an open-source LLM observability and engineering platform for AI/ML projects, fitting the Enterprise AI Assistants category as it supports management and workflows for enterprise AI applications.

MITRE ATT&CK Enterprise Techniques

T1565.001 Stored Data Manipulation Impact
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
attack.mitre.org →
Why these techniques?

The improper access control in the /checklists/:id PATCH endpoint enables low-privilege users to modify stored checklist data (e.g., slug or content), facilitating stored data manipulation to tamper with project workflows and business logic integrity.

References