CVE-2024-9099
Published: 20 March 2025
Description
Adversaries may search compromised systems to find and obtain insecurely stored credentials.
Security Summary
CVE-2024-9099 is a vulnerability in lunary-ai/lunary version v1.4.29, where the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. The private API keys become visible in the developer tools when the endpoint is called from the frontend, enabling unauthorized access to sensitive credentials.
Attackers require only low-privilege access (PR:L), such as a Viewer or Prompt Editor role, to exploit this remotely (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N), earning a CVSS v3.1 base score of 8.1 (C:H/I:H/A:N). Successful exploitation allows retrieval of the API keys, which can then be used to perform actions on behalf of the affected project, access private data, and delete resources.
A fix is available via commit 8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc in the lunary-ai/lunary GitHub repository. Further details on the vulnerability and remediation are provided on the Huntr bounty page at https://huntr.com/bounties/ffb84fe8-3e60-4200-ac2d-1fd1e1c93e91.
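The summary above describes a response-shaping flaw: the project listing serialized the private key for every caller. The added example below (not Lunary's code; the store, field names and role names are hypothetical) contrasts that behaviour with an allow-list serializer that only includes the private key for privileged roles, plus a regression check a test suite can run against the endpoint's output.

```javascript
// Added example, not taken from lunary-ai/lunary. Assumed: an in-memory
// project store and a caller object carrying a role string; the roles
// "owner"/"admin" as the only ones entitled to see private keys are an
// assumption for illustration.
const PRIVILEGED_ROLES = new Set(["owner", "admin"]);

// Constructed sample data: two projects, each with a public and a private key.
const PROJECTS = [
  { id: "p1", name: "Alpha", publicApiKey: "pk_alpha_CONSTRUCTED", privateApiKey: "sk_alpha_CONSTRUCTED" },
  { id: "p2", name: "Beta", publicApiKey: "pk_beta_CONSTRUCTED", privateApiKey: "sk_beta_CONSTRUCTED" },
];

// Vulnerable shape (the behaviour CVE-2024-9099 describes): every stored
// field, private key included, is returned regardless of who is asking.
function listProjectsVulnerable(caller) {
  return PROJECTS.map((p) => ({ ...p }));
}

// Hardened shape: build the response from an explicit allow-list of fields,
// and add the private key only when the caller's role is privileged. A new
// sensitive column added to the store later is not exposed by default.
function serializeProject(project, caller) {
  const out = { id: project.id, name: project.name, publicApiKey: project.publicApiKey };
  if (PRIVILEGED_ROLES.has(caller.role)) {
    out.privateApiKey = project.privateApiKey;
  }
  return out;
}

function listProjectsHardened(caller) {
  return PROJECTS.map((p) => serializeProject(p, caller));
}

// Regression check: does the serialized response contain any private key
// value from the store? Run it with a low-privilege caller in CI so the
// leak cannot silently return.
function leaksPrivateKey(response) {
  const body = JSON.stringify(response);
  return PROJECTS.some((p) => body.includes(p.privateApiKey));
}
```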
Details
- CWE(s)
Affected Products
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain: Privacy and Disclosure
- OWASP Top 10 for LLMs 2025: None mapped
- MITRE ATLAS Techniques: None mapped
- Classification Reason: Lunary.ai is an LLM observability and management platform (an alternative to LangSmith) for AI projects that manage prompts and API keys, which places it among enterprise tools for AI assistants and LLM applications.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability exposes private API keys via a GET /projects endpoint to low-privilege users (e.g., Viewers), enabling adversaries to steal application access tokens (T1528) and exploit unsecured credentials (T1552) for unauthorized actions.