Plattform
python
Komponente
mlflow
Behoben in
2.9.3
CVE-2024-1594 describes a path traversal vulnerability discovered in the MLflow project. This flaw allows attackers to potentially read sensitive files on the server by manipulating the artifact_location parameter during experiment creation. The vulnerability impacts MLflow versions 2.9.2 and earlier. A fix is available in a patched version of MLflow.
The primary impact of CVE-2024-1594 is unauthorized file access. By crafting a malicious artifact_location URI containing a fragment component (#), an attacker can manipulate the path to read files outside of the intended artifact storage directory. This could expose sensitive data such as configuration files, credentials, or even source code. The potential blast radius depends on the server's file system permissions and the data stored within it. Similar to CVE-2023-6909, this vulnerability exploits a weakness in URI parsing to gain unauthorized access.
CVE-2024-1594 was publicly disclosed on April 16, 2024. The vulnerability is present in the mlflow/mlflow repository on GitHub. There is no indication of active exploitation campaigns at this time, but the availability of a public proof-of-concept could change this. The EPSS score is currently pending evaluation. Monitor security advisories and threat intelligence feeds for updates.
Organizations deploying MLflow for machine learning model tracking and management are at risk. This includes teams using MLflow in production environments, particularly those with custom configurations or integrations that might not be fully aware of the vulnerability's implications. Shared hosting environments where multiple users share the same MLflow instance are also at increased risk.
• python / mlflow: Inspect MLflow server logs for requests containing # in the artifact_location parameter.
# Example: Search for log entries containing '#'
with open('mlflow.log', 'r') as f:
for line in f:
if '#' in line:
print(line)• generic web: Monitor web server access logs for requests to MLflow endpoints with unusual or unexpected characters in the artifact_location parameter.
• generic web: Check for unexpected files appearing in the MLflow artifact storage directory.
disclosure
Exploit-Status
EPSS
0.21% (43% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2024-1594 is to upgrade to a patched version of MLflow. Consult the MLflow project's release notes for the latest version containing the fix. If upgrading is not immediately feasible, consider implementing input validation on the artifactlocation parameter to sanitize user-provided input and prevent the injection of malicious characters. While not a complete solution, restricting file system permissions for the MLflow process can limit the attacker's ability to read sensitive files. After upgrading, confirm the fix by attempting to create an experiment with a crafted artifactlocation URI containing a path traversal sequence (e.g., #../../../../etc/passwd) and verifying that access is denied.
Actualice la biblioteca mlflow a la última versión disponible. Esto solucionará la vulnerabilidad de path traversal. Consulte las notas de la versión para obtener más detalles sobre la actualización.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2024-1594 is a Path Traversal vulnerability affecting MLflow versions 2.9.2 and earlier, allowing attackers to read arbitrary files by manipulating the artifact location URI.
You are affected if you are using MLflow version 2.9.2 or earlier. Upgrade to a patched version to mitigate the risk.
Upgrade to a patched version of MLflow. As a temporary workaround, implement input validation on the artifact_location parameter to prevent fragment components.
There are currently no confirmed reports of active exploitation, but the vulnerability is publicly known and a proof-of-concept may exist.
Refer to the MLflow security advisories and release notes on the MLflow GitHub repository for the latest information.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.