Is CVE-2024-3153 actively exploited?

CVE-2024-3153 has no public evidence of in-the-wild exploitation as of 2024-11-21.

What is the CVSS score for CVE-2024-3153?

CVE-2024-3153 has a CVSS score of 6.5 (MEDIUM severity). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

How do I patch CVE-2024-3153?

Patch guidance is available from mintplexlabs security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2024-3153.

Which products are affected by CVE-2024-3153?

1 product: mintplexlabs anythingllm.

CVE-2024-3153 - remediation guidance & executive summary

Description

mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can be shut down by sending an invalid upload request. An attacker with the ability to upload documents can exploit this vulnerability to cause a DOS condition by manipulating the upload request.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: network
Complexity: low
Privileges: low
User Action: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
Weaknesses: CWE-400

Metadata

Primary Vendor: MINTPLEXLABS
Published: 6/6/2024
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

mintplexlabs : anythingllm

Remediation Guidance

Executive Summary

Cite this page

CVE-2024-3153. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2024-3153

View on NIST NVD

CVE-2024-3153 vulnerability