Remote Unauthorized Access to Terminal Server Command History
CVE-2024-8072

Currently unrated

Key Information:

Vendor: Mage AI
Vendor: CVE Published:; 22 August 2024

What is CVE-2024-8072?

The Mage AI Terminal Server is susceptible to a vulnerability that enables remote attackers to access and leak the command history of terminal sessions belonging to arbitrary users. This flaw comes from insufficient authentication measures, allowing unauthenticated users to exploit the system. Exposure of terminal command history can lead to significant confidentiality issues, as sensitive information may be revealed allowing further exploitation or unauthorized access to the system.

References

https://research.jfrog.com/vulnerabilities/mage-ai-termin...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2024