Platform
python
Component
mlflow
Fixed in
2.12.1
CVE-2024-1558 describes a path traversal vulnerability discovered in MLflow, a platform for managing the machine learning lifecycle. This vulnerability allows attackers to potentially read sensitive files on the server by exploiting improper validation of the source parameter within the createmodel_version() function. The vulnerability affects MLflow versions 2.9.2 and earlier, and a fix is available in version 2.12.1.
The path traversal vulnerability in MLflow allows an attacker to bypass security checks and access files outside of the intended directory. By crafting a malicious source parameter, an attacker can manipulate the model version creation process and read arbitrary files on the server hosting the MLflow tracking server. This could expose sensitive data such as configuration files, credentials, or even source code. The potential impact extends beyond simple data exposure; an attacker could potentially use this access to further compromise the system or gain a foothold for other attacks. The ability to read arbitrary files represents a significant security risk, particularly in environments where MLflow is used to manage sensitive machine learning models and data.
CVE-2024-1558 was publicly disclosed on April 16, 2024. There is currently no indication of active exploitation in the wild, but the availability of a public proof-of-concept could change this. The vulnerability is not currently listed on the CISA KEV catalog. Given the relatively straightforward nature of path traversal vulnerabilities, it is prudent to apply the patch promptly.
Exploit Status
EPSS
0.09% (26% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-1558 is to upgrade MLflow to version 2.12.1 or later, which includes the necessary fix. If upgrading immediately is not feasible, consider implementing temporary workarounds. Restrict access to the MLflow tracking server to only authorized users and systems. Implement strict input validation on the source parameter to prevent malicious input. Monitor MLflow logs for suspicious activity, particularly attempts to access files outside of the expected directories. Consider using a Web Application Firewall (WAF) to filter out malicious requests targeting the vulnerability. After upgrading, confirm the fix by attempting to create a model version with a crafted source parameter containing relative path traversal sequences (e.g., ../sensitive_file.txt).
Actualice la biblioteca mlflow a la última versión disponible. Esto solucionará la vulnerabilidad de path traversal. Consulte las notas de la versión para obtener más detalles sobre la actualización.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-1558 is a path traversal vulnerability in MLflow versions 2.9.2 and earlier, allowing attackers to read arbitrary files on the server by manipulating the 'source' parameter.
You are affected if you are using MLflow versions 2.9.2 or earlier. Upgrade to 2.12.1 or later to mitigate the risk.
Upgrade MLflow to version 2.12.1 or later. Implement temporary workarounds like restricting access and validating input if immediate upgrade is not possible.
There is currently no indication of active exploitation in the wild, but the vulnerability is publicly known and a proof-of-concept may be available.
Refer to the MLflow GitHub security advisory: https://github.com/mlflow/mlflow/security/advisories/GHSA-983x-x93g-956x
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.