Path Traversal Vulnerability in mlflow/mlflow version 2.9.2
CVE-2024-1483

7.5HIGH

Key Information:

Vendor: Mlflow
Status: Mlflow/mlflow
Vendor: CVE Published:; 16 April 2024

Summary

A path traversal vulnerability has been identified in mlflow version 2.9.2 by Databricks, which allows attackers to potentially access sensitive files on the server. This vulnerability arises from inadequate validation of user inputs within the server's request handlers. Attackers can exploit this flaw by sending specially crafted HTTP POST requests that include manipulated 'artifact_location' and 'source' parameters, utilizing a local URI formatted with '#' rather than '?'. Consequently, this can allow unauthorized access to files buried deep within the server's directory structure, posing significant risks to data security.

Affected Version(s)

mlflow/mlflow <= unspecified

References

https://huntr.com/bounties/52a3855d-93ff-4460-ac24-9c7e43...

EPSS Score

30% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 16, 2024
Vulnerability Reserved
Feb 13, 2024