Dify
CVE-2024-12039
HIGH
Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the number of code guess attempts for password reset. This allows an unauthenticated attacker to reset owner, admin, or other user passwords within a few hours by guessing the six-digit code, resulting in a complete compromise of the application.
AnalysisAI
langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the number of code guess attempts for password reset. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-307. langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the number of code guess attempts for password reset. This allows an unauthenticated attacker to reset owner, admin, or other user passwords within a few hours by guessing the six-digit code, resulting in a complete compromise of the application. Affected products include: Langgenius Dify.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al
Path traversal in Dify versions 0 through 1.14.1 allows authenticated tenants to escape their authorized tenant path and
Cross-tenant authorization bypass in LangGenius Dify versions through 1.14.1 lets any logged-in editor reroute another t
A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts
SQL injection in Dify's MyScale vector store backend (versions before 1.16.0-rc1) lets authenticated attackers execute a
Cross-tenant document disclosure in Dify 1.14.1 and prior allows any authenticated user to read up to 3,000 characters o
In langgenius/dify v0.10.1, the `/forgot-password/resets` endpoint does not verify the password reset code, allowing an
Dify is an open-source LLM app development platform. Rated high severity (CVSS 7.6), this vulnerability is remotely expl
A stored cross-site scripting (XSS) vulnerability exists in langgenius/dify version latest, specifically in the chat log
langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. Rated high severity (CVSS 7.5
CVE-2025-3466 is a security vulnerability (CVSS 7.2). Risk factors: public PoC available. Vendor patch is available.
A vulnerability in langgenius/dify versions <=v0.9.1 allows for code injection via internal SSRF requests in the Dify sa
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today