Overview
The Kluster Verify MCP server allows attackers to drain verification credits through unauthorized access to its MCP tools, causing financial impact and denial of service for legitimate verification operations.
Who Is Affected
Reported by mcpsec.dev. Affects organizations that use the Kluster Verify MCP server in identity or credential verification workflows.
Where It Exists
The vulnerability is in the Kluster Verify MCP server's access control. The verification tools are accessible without proper authorization, allowing unauthorized credit consumption.
When It Was Found
Advisory published October 16, 2025 on mcpsec.dev.
How It Works
An attacker accesses the Kluster Verify MCP server's tools (either through network exposure or prompt injection) and repeatedly invokes verification operations. Each verification consumes credits from the organization's account. Automated exploitation can rapidly exhaust the entire credit balance.
Impact
Financial loss through credit exhaustion. Denial of service for legitimate verification operations until credits are replenished. Potential for verified identity data leakage through the verification tool responses.
Mitigation
Add authentication to the MCP server endpoint. Implement rate limiting on verification operations. Set up credit usage alerts and automatic cutoffs. Bind the server to localhost if only local access is needed.
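The following is an added example, not code from mcpsec.dev or from the Kluster Verify project, showing how a thin guard layer in front of a credit-consuming MCP tool can apply three of the mitigations above together: a bearer-token check, a per-client sliding-window rate limit, and a credit budget with a low-balance alert and a hard cutoff. The class and function names (VerifyToolGuard, verify_request, run_calls), the assumption that each verification call costs one credit, and the sample token are all hypothetical.

```python
"""Guard layer for a credit-consuming MCP tool.

Added example, not Kluster Verify's own code. Assumptions (hypothetical):
- the MCP endpoint is fronted by a shared bearer token (api_token)
- each call to the verification tool costs a fixed number of credits
- client_id is whatever the transport gives you (remote address, session id)
"""
import hmac
import time
from collections import Counter, deque
from dataclasses import dataclass, field


@dataclass
class Decision:
    allowed: bool
    reason: str            # "ok", "unauthenticated", "rate_limited", "credit_cutoff"
    credits_remaining: int


@dataclass
class VerifyToolGuard:
    api_token: str          # secret expected in "Authorization: Bearer <token>"
    credit_balance: int     # credits currently available to the organization
    alert_threshold: int    # emit an alert once the balance reaches this level
    cutoff_floor: int       # refuse any call that would drop the balance below this
    rate_limit: int         # max attempts per client per window (attempts, not successes)
    window_seconds: float = 60.0
    alerts: list = field(default_factory=list)
    _calls: dict = field(default_factory=dict)  # client_id -> deque of timestamps

    def _authenticated(self, authorization_header):
        # Constant-time comparison so the token check does not leak via timing.
        if not authorization_header or not authorization_header.startswith("Bearer "):
            return False
        presented = authorization_header[len("Bearer "):]
        return hmac.compare_digest(presented, self.api_token)

    def _within_rate_limit(self, client_id, now):
        # Sliding window: drop timestamps older than the window, then count.
        q = self._calls.setdefault(client_id, deque())
        while q and now - q[0] > self.window_seconds:
            q.popleft()
        if len(q) >= self.rate_limit:
            return False
        q.append(now)
        return True

    def verify_request(self, client_id, authorization_header, cost=1, now=None):
        """Decide whether one verification call may proceed and charge it if so."""
        now = time.monotonic() if now is None else now
        if not self._authenticated(authorization_header):
            return Decision(False, "unauthenticated", self.credit_balance)
        if not self._within_rate_limit(client_id, now):
            return Decision(False, "rate_limited", self.credit_balance)
        if self.credit_balance - cost < self.cutoff_floor:
            # Automatic cutoff: keep a reserve so a burst cannot drain the account to zero.
            return Decision(False, "credit_cutoff", self.credit_balance)
        self.credit_balance -= cost
        if self.credit_balance <= self.alert_threshold:
            self.alerts.append(f"credit balance low: {self.credit_balance}")
        return Decision(True, "ok", self.credit_balance)


def run_calls(guard, client_id, authorization_header, n, start=0.0, step=1.0):
    """Feed n calls from one client through the guard; return a count of outcomes."""
    outcomes = Counter()
    for i in range(n):
        d = guard.verify_request(client_id, authorization_header, now=start + i * step)
        outcomes[d.reason] += 1
    return outcomes


if __name__ == "__main__":
    # Constructed scenario: a burst of 20 calls in 20 seconds against a 5-per-minute limit.
    guard = VerifyToolGuard(api_token="example-token", credit_balance=100,
                            alert_threshold=20, cutoff_floor=10, rate_limit=5)
    print("no token:     ", run_calls(guard, "c1", None, 20))
    print("valid token:  ", run_calls(guard, "c1", "Bearer example-token", 20))
    print("credits left: ", guard.credit_balance)
```

Because the rate limiter counts attempts rather than successful calls, a client that keeps hammering the endpoint after being refused stays throttled instead of being let through again the moment credits are restored; the cutoff floor is what stops a single window of allowed calls from emptying the account entirely.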