10

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2024-2044

GHSA ID

GHSA-rj98-crf4-g69w

EPSS Score

0.98943%

CWE

CWE-22

Published

3/7/2024

Updated

8/2/2024

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-2044

CVE-2024-2044: pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user

pgAdmin prior to version 8.4 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on POSIX/Linux, an authenticated attacker can upload pickle objects, deserialize them and gain code execution.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-2044

CVE-2024-2044:

10

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2024-2044

GHSA ID

GHSA-rj98-crf4-g69w

EPSS Score

0.98943%

CWE

CWE-22

Published

3/7/2024

Updated

8/2/2024

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
pgAdmin4	pip	< 8.4	8.4

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from three key issues:

Path traversal via os.path.join() in session file operations (CWE-22)
Unsafe pickle deserialization (CWE-502)
Lack of path sanitization (CWE-31)

The commit diff shows replacement of os.path.join() with safe_join() and added security checks. The original functions in FileBackedSessionManager directly used user-controlled session IDs in path construction without validation, allowing attackers to:

On Windows: Reference remote SMB paths for unauthenticated RCE
On Linux: Traverse to uploaded pickle files for authenticated RCE These functions were directly involved in the insecure path handling and deserialization chain.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

10

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-2044: pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user

CVE-2024-2044:

10

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

10

10

CVE-2024-2044: pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user

Technical Details

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI