← Back

CVE-2024-8072

nvd nist
Published: Aug 22, 2024Modified: Oct 10, 2025

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: reefs@jfrog.com (Secondary)

Description

Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users

Affected (1)

Products: Mage: Mage Ai
Mage
1 product
Mage Ai
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Mage Ai
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (1)

Source: reefs@jfrog.com
ExploitThird Party Advisory

Timeline

No history available yet.