Vulnerability Description
In mintplex-labs/anything-llm versions up to and including 1.5.3, an issue was discovered where the password hash of a user is returned in the response after login (`POST /api/request-token`) and after account creations (`POST /api/admin/users/new`). This exposure occurs because the entire User object, including the bcrypt password hash, is included in the response sent to the frontend. This practice could potentially lead to sensitive information exposure despite the use of bcrypt, a strong hashing algorithm. It is recommended not to expose any clues about passwords to the frontend.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mintplexlabs | Anythingllm | <= 1.5.3 |
Related Weaknesses (CWE)
References
- https://github.com/mintplex-labs/anything-llm/commit/9df4521113ddb9a3adb5d0e3941Patch
- https://huntr.com/bounties/8794fb65-50aa-40e3-b348-a29838dbf63dExploitThird Party Advisory
- https://github.com/mintplex-labs/anything-llm/commit/9df4521113ddb9a3adb5d0e3941Patch
- https://huntr.com/bounties/8794fb65-50aa-40e3-b348-a29838dbf63dExploitThird Party Advisory
FAQ
What is CVE-2024-5213?
CVE-2024-5213 is a vulnerability with a CVSS score of 6.5 (MEDIUM). In mintplex-labs/anything-llm versions up to and including 1.5.3, an issue was discovered where the password hash of a user is returned in the response after login (`POST /api/request-token`) and afte...
How severe is CVE-2024-5213?
CVE-2024-5213 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-5213?
Check the references section above for vendor advisories and patch information. Affected products include: Mintplexlabs Anythingllm.