Executive Summary

The vulnerability exists in PraisonAI, a multi-agent teams system, specifically in versions prior to 4.5.97. The PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology information at /info without requiring any authentication. This means that any network client can connect to the server, enumerate the registered agents, and send arbitrary messages to these agents and their associated tool sets.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows an unauthenticated attacker to connect to the PraisonAI Gateway server, discover all registered agents, and send arbitrary messages to them. This can lead to unauthorized information disclosure and manipulation of agent behavior, potentially compromising the confidentiality and integrity of the system. The CVSS score of 9.1 indicates a high severity with network attack vector, no privileges or user interaction required, and high impact on confidentiality and integrity.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability, you should upgrade the PraisonAI Gateway server to version 4.5.97 or later, where the issue has been patched.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows any network client to connect to the PraisonAI Gateway server without authentication, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This unauthorized access and potential data exposure could lead to violations of data protection standards such as GDPR and HIPAA, which require strict access controls and protection of sensitive information.

Because the vulnerability results in high confidentiality and integrity impact (CVSS 9.1), it poses a significant risk to compliance with regulations that mandate safeguarding personal and sensitive data.

Useful 0 Not Useful 0