Platform
python
Component
mlflow
Fixed in
2.12.1
CVE-2024-1558 describes a path traversal vulnerability discovered in MLflow, a platform for managing the machine learning lifecycle. This vulnerability allows attackers to potentially read sensitive files on the server by exploiting improper validation of the source parameter within the create_model_version() function. The vulnerability affects MLflow versions 2.9.2 and earlier, and a fix is available in version 2.12.1.
The path traversal vulnerability in MLflow allows an attacker to bypass security checks and access files outside of the intended directory. By crafting a malicious source parameter, an attacker can manipulate the model version creation process, leading to arbitrary file reads. This could expose sensitive data such as configuration files, API keys, or even model artifacts containing proprietary information. Successful exploitation could lead to a significant compromise of the MLflow server and the data it manages. The impact is amplified if the MLflow server is deployed in a production environment or handles sensitive machine learning data.
CVE-2024-1558 was publicly disclosed on April 16, 2024. No known active exploitation campaigns have been reported at the time of writing. A public proof-of-concept may be available or emerge, increasing the risk of exploitation. The vulnerability is not currently listed on the CISA KEV catalog.
Organizations deploying MLflow for machine learning model management, particularly those using older versions (≤2.9.2), are at risk. Shared hosting environments where multiple users share the same MLflow instance are especially vulnerable, as an attacker could potentially access data belonging to other users. Environments with weak access controls to the MLflow tracking server are also at increased risk.
• python / mlflow:
```python
import mlflow

# Attempt to read a file outside the intended directory.
# create_model_version(name, source, ...) takes source as its second
# parameter, so name and source are passed by keyword here.
try:
    mlflow.tracking.MlflowClient().create_model_version(
        name='model', source='../../../../../../etc/passwd'
    )
    print('Potential vulnerability detected!')
except Exception as e:
    print(f'Error: {e}')
```
• generic web: Check MLflow server logs for requests containing path traversal sequences (e.g., '../').
• generic web: Monitor network traffic to the MLflow server for suspicious requests targeting the /tracking/model-versions endpoint.
EPSS
0.09% (26th percentile)
The primary mitigation for CVE-2024-1558 is to upgrade MLflow to version 2.12.1 or later, which contains the fix for this vulnerability. If upgrading immediately is not feasible, consider implementing temporary workarounds. These may include restricting access to the MLflow server, implementing stricter input validation on the source parameter, or using a Web Application Firewall (WAF) to filter out malicious requests. Monitor MLflow logs for suspicious activity, particularly requests containing unusual characters or path manipulations. After upgrading, confirm the fix by attempting to access a non-existent file via the model version creation endpoint and verifying that access is denied.
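As an added example (not MLflow's patch and not code from this advisory), here is one way to implement the interim input validation on the source parameter mentioned above, for use in a wrapper or proxy in front of the tracking server. `ARTIFACT_ROOT`, `REMOTE_SCHEMES` and the function names are assumptions chosen for illustration.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Assumptions for this sketch: one absolute local artifact root, and a fixed
# set of remote schemes that are passed through without a local-path check.
ARTIFACT_ROOT = "/srv/mlflow/artifacts"
REMOTE_SCHEMES = {"s3", "gs", "runs", "models", "mlflow-artifacts"}


def fully_unquote(value: str, max_rounds: int = 5) -> str:
    """Percent-decode until stable so %252e%252e cannot hide a '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return decoded
        value = decoded
    raise ValueError("source is percent-encoded too deeply")


def check_source(source: str, root: str = ARTIFACT_ROOT) -> str:
    """Return the normalised source, or raise ValueError to reject it."""
    decoded = fully_unquote(source).replace("\\", "/")
    if "\x00" in decoded:
        raise ValueError("NUL byte in source")
    parts = urlsplit(decoded)
    if ".." in parts.path.split("/"):
        raise ValueError("parent-directory segment in source")
    if parts.scheme in REMOTE_SCHEMES:
        return decoded
    if parts.scheme not in ("", "file"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.netloc not in ("", "localhost") or parts.query or parts.fragment:
        raise ValueError("local source has an authority, query or fragment")
    # A local path must normalise to a location inside the artifact root.
    path = posixpath.normpath(posixpath.join(root, parts.path))
    if posixpath.commonpath([root, path]) != root:
        raise ValueError("source resolves outside the artifact root")
    return path


if __name__ == "__main__":
    # Constructed inputs, not taken from real traffic.
    for s in ("1/abc/model", "../../../../../../etc/passwd", "/etc/passwd",
              "%252e%252e/%252e%252e/etc/passwd", "s3://bucket/models/m1"):
        try:
            print("accept", check_source(s))
        except ValueError as err:
            print("reject", s, "->", err)
```

The check is lexical and does not resolve symlinks, so it is a stopgap alongside the upgrade to 2.12.1, not a replacement for it.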
Update the mlflow library to the latest available version. This will fix the path traversal vulnerability. See the release notes for more details on the update.
CVE-2024-1558 is a path traversal vulnerability in MLflow versions 2.9.2 and earlier, allowing attackers to read arbitrary files on the server by manipulating the 'source' parameter.
You are affected if you are using MLflow versions 2.9.2 or earlier. Upgrade to 2.12.1 or later to mitigate the risk.
Upgrade MLflow to version 2.12.1 or later. Implement temporary workarounds like restricting access and validating input if immediate upgrade is not possible.
There is currently no indication of active exploitation in the wild, but the vulnerability is publicly known and a proof-of-concept may be available.
Refer to the MLflow GitHub security advisory: https://github.com/mlflow/mlflow/security/advisories/GHSA-983x-x93g-956x