CVE-2024-8182

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published: Aug 27, 2024
Updated: Aug 30, 2024
CWE ID 400

Summary

CVE-2024-8182 is an unauthenticated denial of service (DoS) vulnerability in Flowise version 1.8.2. Improper user input processed by the "/api/v1/get-upload-file" endpoint can lead to a complete crash of the application. The flaw has a high severity rating with an exploitability score of 3.9, indicating low attack complexity and no required user interaction. Organizations running the affected version are at risk of service disruption, with significant impact on availability. Remediation is to upgrade to a patched version of Flowise that resolves this issue; organizations should do so promptly to maintain operational integrity and prevent potential outages.
