免费扫描
CRITICALCVE-2023-6974CVSS 9.8

MLflow Server-Side Request Forgery (SSRF)

翻译中…

平台

python

组件

mlflow

修复版本

2.9.2

2.9.2

AI Confidence: highNVDEPSS 2.6%已审阅: 2026年5月
在NVD查看
保存
正在翻译为您的语言…

CVE-2023-6974 describes a Server-Side Request Forgery (SSRF) vulnerability present in MLflow versions up to 2.9.1. This flaw allows a malicious user to initiate requests to internal HTTP(s) servers, potentially exposing sensitive data or enabling unauthorized access. Successful exploitation, particularly within AWS environments, could lead to remote code execution. The vulnerability was published on December 20, 2023, and a fix is available in version 2.9.2.

Python

检测此 CVE 是否影响你的项目

上传你的 requirements.txt 文件,立即知道是否受影响。

上传 requirements.txt支持的格式: requirements.txt · Pipfile.lock

影响与攻击场景翻译中…

The SSRF vulnerability in MLflow allows an attacker to craft requests that originate from the MLflow server itself, bypassing typical network security controls. This means an attacker could potentially access internal services that are not directly exposed to the internet. In environments utilizing AWS, this vulnerability is particularly concerning. An attacker could leverage the SSRF to interact with AWS metadata services, potentially gaining access to sensitive information like IAM credentials or EC2 instance details. This could then be used to escalate privileges and achieve remote code execution on the affected machine, effectively compromising the entire system. The potential blast radius extends to any internal resources accessible via HTTP(s) from the MLflow server.

利用背景翻译中…

CVE-2023-6974 is not currently listed on the CISA KEV catalog. The EPSS score is likely to be medium to high, given the CRITICAL CVSS score and the potential for remote code execution. Public proof-of-concept (PoC) code is likely to emerge, increasing the risk of exploitation. The vulnerability was publicly disclosed on December 20, 2023.

哪些人处于风险中翻译中…

Organizations deploying MLflow within AWS environments are particularly at risk, as the SSRF vulnerability can be exploited to gain access to AWS metadata and potentially achieve remote code execution. Teams relying on MLflow for model tracking and deployment, especially those with internal HTTP(s) services accessible from the MLflow server, should prioritize patching.

检测步骤翻译中…

• python / mlflow:

import mlflow
import requests

try:
    response = mlflow.tracking.MlflowClient().tracking_service.get_endpoints()
    print(response)
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")

• linux / server:

journalctl -u mlflow -g 'SSRF' | grep -i error

• generic web:

curl -I <mlflow_endpoint>/some/internal/resource

攻击时间线

  1. Disclosure

    disclosure

  2. Patch

    patch

威胁情报

漏洞利用状态

概念验证未知
CISA KEVNO
互联网暴露

EPSS

2.59% (86% 百分位)

CVSS 向量

威胁情报· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H9.8CRITICALAttack VectorNetwork攻击者如何到达目标Attack ComplexityLow利用漏洞所需的条件Privileges RequiredNone攻击所需的认证级别User InteractionNone是否需要受害者采取行动ScopeUnchanged超出受影响组件的影响范围ConfidentialityHigh敏感数据泄露风险IntegrityHigh数据未授权篡改风险AvailabilityHigh服务中断风险nextguardhq.com · CVSS v3.1 基础分数
这些指标意味着什么?
Attack Vector
网络 — 可通过互联网远程利用,无需物理或本地访问。攻击面最大。
Attack Complexity
低 — 无需特殊条件,可以稳定地利用漏洞。
Privileges Required
无 — 无需认证,无需凭证即可利用。
User Interaction
无 — 攻击自动且无声,受害者无需任何操作。
Scope
未改变 — 影响仅限于脆弱组件本身。
Confidentiality
高 — 完全丧失机密性,攻击者可读取所有数据。
Integrity
高 — 攻击者可写入、修改或删除任何数据。
Availability
高 — 完全崩溃或资源耗尽,完全拒绝服务。

受影响的软件

组件mlflow
供应商osv
影响范围修复版本
unspecified – 2.9.22.9.2
2.9.2

弱点分类 (CWE)

CWE-918

时间线

  1. 已保留
  2. 发布日期
  3. 修改日期
  4. EPSS 更新日期
披露后-6天发布补丁

缓解措施和替代方案翻译中…

The primary mitigation for CVE-2023-6974 is to upgrade MLflow to version 2.9.2 or later, which contains the fix. If an immediate upgrade is not feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. Restricting network access from the MLflow server to only necessary internal resources can limit the potential impact of the SSRF. Implementing a Web Application Firewall (WAF) with strict outbound filtering rules can also help block malicious requests. Carefully review and restrict the allowed protocols and domains that MLflow can access. After upgrading, confirm the fix by attempting to access an internal HTTP(s) resource through the MLflow UI; the request should be blocked or denied.

修复方法翻译中…

Actualice MLflow a la versión 2.9.2 o superior. Esto corrige la vulnerabilidad SSRF. Puede actualizar usando `pip install mlflow==2.9.2` o una versión más reciente.

CVE 安全通讯

漏洞分析和关键警报直接发送到您的邮箱。

常见问题翻译中…

What is CVE-2023-6974 — SSRF in MLflow?

CVE-2023-6974 is a critical SSRF vulnerability affecting MLflow versions up to 2.9.1. It allows attackers to initiate requests from the MLflow server, potentially accessing internal resources and leading to remote code execution.

Am I affected by CVE-2023-6974 in MLflow?

You are affected if you are using MLflow version 2.9.1 or earlier. Check your MLflow version and upgrade to 2.9.2 or later to mitigate the risk.

How do I fix CVE-2023-6974 in MLflow?

The recommended fix is to upgrade MLflow to version 2.9.2 or later. If an immediate upgrade is not possible, implement temporary workarounds such as restricting network access and using a WAF.

Is CVE-2023-6974 being actively exploited?

While there are no confirmed reports of active exploitation at this time, the CRITICAL severity and potential for remote code execution suggest a high likelihood of exploitation if the vulnerability remains unpatched.

Where can I find the official MLflow advisory for CVE-2023-6974?

Refer to the MLflow security advisory for detailed information and updates: [https://mlflow.org/docs/security](https://mlflow.org/docs/security)

你的项目受影响吗?

上传你的依赖文件,立即了解此CVE和其他CVE是否影响你。

免费扫描搜索 CVE