A vulnerability in mintplex-labs/anything-llm allows for a Denial of Service (DoS) condition due to uncontrolled resource consumption. Specifically, the issue arises from the application's failure to limit the size of usernames, enabling attackers to create users with excessively bulky texts in the username field. This exploit results in the user management panel becoming unresponsive, preventing administrators from performing critical user management actions such as editing, suspending, or deleting users. The impact of this vulnerability includes administrative paralysis, compromised security, and operational disruption, as it allows malicious users to perpetuate their presence within the system indefinitely, undermines the system's security posture, and degrades overall system performance.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntr_ai
Published: 2024-06-25T10:29:55.339Z
Updated: 2024-06-26T17:20:30.275Z
Reserved: 2024-05-22T18:20:59.629Z
Link: CVE-2024-5216
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-25T11:15:50.193
Modified: 2024-06-25T12:24:17.873
Link: CVE-2024-5216
JSON object: View
Redhat Information
No data.
CWE