Description
A Denial of Service (DoS) vulnerability exists in the mintplex-labs/anything-llm repository when the application is running in 'just me' mode with a password. An attacker can exploit this vulnerability by making a request to the endpoint using the [validatedRequest] middleware with a specially crafted 'Authorization:' header. This vulnerability leads to uncontrolled resource consumption, causing a DoS condition.
INFO
Published Date :
2024-04-10T17:07:57.182Z
Last Modified :
2024-08-01T20:12:07.794Z
Source :
@huntr_ai
AFFECTED PRODUCTS
The following products are affected by CVE-2024-3569 vulnerability.
| Vendors | Products |
|---|---|
| Mintplexlabs |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2024-3569.
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact