CVE-2024-45189

Summary

CVE-2024-45189 is a vulnerability in Mage AI that allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal issue in the "Git Content" request. The vulnerability has a medium severity rating, with a base score of 6.5 and high potential impact on confidentiality. It requires low privileges for exploitation and does not necessitate user interaction, making it accessible via network attacks. Organizations using Mage AI should remediate this vulnerability by applying any available patches or updates from the vendor. Failure to address this issue could lead to sensitive data exposure, posing significant risks to organizational security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.