CVE-2024-2195 - Vulnerability Details - OpenCVE

A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerability resides in the `run_search_api` function of the `aim/web/api/runs/views.py` file, where improper restriction of user access to the `RunView` object allows for the execution of arbitrary code via the `query` parameter. This issue enables attackers to execute arbitrary commands on the server, potentially leading to full system compromise.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Aimhubio	Aim
Aimstack	Aim

Configuration 1 [-]

cpe:2.3:a:aimstack:aim:*:*:*:*:*:python:*:*

No data.

References

Link	Providers
https://huntr.com/bounties/22f2355e-b875-4c01-b454-327e5951c018

History

Tue, 29 Jul 2025 20:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Aimstack Aimstack aim
CPEs		cpe:2.3:a:aimstack:aim::::::python::*
Vendors & Products		Aimstack Aimstack aim

MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2024-04-10T17:08:12.635Z

Updated: 2024-08-01T19:03:39.092Z

Reserved: 2024-03-05T17:05:44.917Z

Link: CVE-2024-2195

Vulnrichment

Updated: 2024-08-01T19:03:39.092Z

NVD

Status : Analyzed

Published: 2024-04-10T17:15:54.067

Modified: 2025-07-29T20:31:13.403

Link: CVE-2024-2195

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2195", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-03-05T17:05:44.917Z", "datePublished": "2024-04-10T17:08:12.635Z", "dateUpdated": "2024-08-01T19:03:39.092Z"}, "containers": {"cna": {"title": "Remote Code Execution in aimhubio/aim", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-04-16T11:10:40.863Z"}, "descriptions": [{"lang": "en", "value": "A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerability resides in the `run_search_api` function of the `aim/web/api/runs/views.py` file, where improper restriction of user access to the `RunView` object allows for the execution of arbitrary code via the `query` parameter. This issue enables attackers to execute arbitrary commands on the server, potentially leading to full system compromise."}], "affected": [{"vendor": "aimhubio", "product": "aimhubio/aim", "versions": [{"version": "unspecified", "status": "affected", "versionType": "custom", "lessThanOrEqual": "latest"}]}], "references": [{"url": "https://huntr.com/bounties/22f2355e-b875-4c01-b454-327e5951c018"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code", "cweId": "CWE-94"}]}], "source": {"advisory": "22f2355e-b875-4c01-b454-327e5951c018", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "aimhubio", "product": "aim", "cpes": ["cpe:2.3:a:aimhubio:aim:3.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "3.0.0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-10T19:27:31.546352Z", "id": "CVE-2024-2195", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T16:44:43.150Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:03:39.092Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/22f2355e-b875-4c01-b454-327e5951c018", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/22f2355e-b875-4c01-b454-327e5951c018", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:03:39.092Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2195", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-10T19:27:31.546352Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:aimhubio:aim:3.0.0:*:*:*:*:*:*:*"], "vendor": "aimhubio", "product": "aim", "versions": [{"status": "affected", "version": "3.0.0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-15T16:44:37.759Z"}}], "cna": {"title": "Remote Code Execution in aimhubio/aim", "source": {"advisory": "22f2355e-b875-4c01-b454-327e5951c018", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "aimhubio", "product": "aimhubio/aim", "versions": [{"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "latest"}]}], "references": [{"url": "https://huntr.com/bounties/22f2355e-b875-4c01-b454-327e5951c018"}], "descriptions": [{"lang": "en", "value": "A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerability resides in the `run_search_api` function of the `aim/web/api/runs/views.py` file, where improper restriction of user access to the `RunView` object allows for the execution of arbitrary code via the `query` parameter. This issue enables attackers to execute arbitrary commands on the server, potentially leading to full system compromise."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-04-16T11:10:40.863Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2195", "state": "PUBLISHED", "dateUpdated": "2024-08-01T19:03:39.092Z", "dateReserved": "2024-03-05T17:05:44.917Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-04-10T17:08:12.635Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:aimstack:aim:*:*:*:*:*:python:*:*", "matchCriteriaId": "4BDF0E08-A503-4D11-B66A-D99A96E703DE", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerability resides in the `run_search_api` function of the `aim/web/api/runs/views.py` file, where improper restriction of user access to the `RunView` object allows for the execution of arbitrary code via the `query` parameter. This issue enables attackers to execute arbitrary commands on the server, potentially leading to full system compromise."}, {"lang": "es", "value": "Se identific\u00f3 una vulnerabilidad cr\u00edtica de ejecuci\u00f3n remota de c\u00f3digo (RCE) en el proyecto aimhubio/aim, espec\u00edficamente dentro del endpoint `/api/runs/search/run/`, que afecta a las versiones >= 3.0.0. La vulnerabilidad reside en la funci\u00f3n `run_search_api` del archivo `aim/web/api/runs/views.py`, donde la restricci\u00f3n indebida del acceso del usuario al objeto `RunView` permite la ejecuci\u00f3n de c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro `query`. Este problema permite a los atacantes ejecutar comandos arbitrarios en el servidor, lo que potencialmente puede provocar un compromiso total del sistema."}], "id": "CVE-2024-2195", "lastModified": "2025-07-29T20:31:13.403", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2024-04-10T17:15:54.067", "references": [{"source": "security@huntr.dev", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/22f2355e-b875-4c01-b454-327e5951c018"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/22f2355e-b875-4c01-b454-327e5951c018"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "security@huntr.dev", "type": "Secondary"}]}