BIT-mlflow-2023-43472
Information Exposure vulnerability in mlflow (PyPI)

Information Exposure; No known exploit

What is BIT-mlflow-2023-43472 About?

MLflow versions up to 2.8.1 are vulnerable to an Information Exposure issue that allows remote attackers to obtain sensitive information via crafted requests sent to the product's REST API. The vulnerability is relatively easy to exploit with knowledge of the API structure.

Affected Software

mlflow <2.9.0

Technical Details

The vulnerability exists in MLflow versions up to and including 2.8.1. A remote attacker can craft specific requests to the MLflow REST API that, when processed, lead to the disclosure of sensitive information. The details of the 'crafted request' and the specific REST API endpoint are not provided. Vulnerabilities of this kind typically arise from insufficient access controls on API endpoints, improper error handling that reveals internal details, or direct access to sensitive data via unauthenticated or poorly authenticated API calls. Any of these lets an attacker query the API in a way that bypasses intended restrictions and retrieves data that should otherwise be protected.

What is the Impact of BIT-mlflow-2023-43472?

Successful exploitation may allow attackers to obtain sensitive information regarding MLflow experiments, models, users, or system configurations, potentially leading to unauthorized data access or further targeted attacks.

What is the Exploitability of BIT-mlflow-2023-43472?

Exploitation of this vulnerability is likely to be of low to moderate complexity. It can be performed remotely, as it involves sending crafted requests to the MLflow REST API. Authentication requirements depend on the specific API endpoint being targeted and on MLflow's configuration; if sensitive information is exposed via unauthenticated endpoints, exploitation is easier. Privilege requirements likewise depend on the API's access control; if general users or unauthenticated requests can trigger the information exposure, the risk is higher. The primary risk factor is an MLflow REST API that is publicly accessible, or accessible from internal networks where attackers might gain a foothold, combined with insufficient access controls on API endpoints.

What are the Known Public Exploits?

No known exploits.

What are the Available Fixes for BIT-mlflow-2023-43472?

Available Upgrade Options

  • mlflow
    • <2.9.0 → Upgrade to 2.9.0
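To find environments that still need this upgrade, the following added example (not part of the advisory and not mlflow project code) classifies mlflow entries in a requirements file or `pip freeze` output against the affected range `<2.9.0`. The function names and the sample input are constructed for illustration, and the check assumes plain numeric release versions.

```python
import re

FIXED = (2, 9, 0)  # first fixed release per the advisory (affected: mlflow <2.9.0)
# Match "mlflow" or "mlflow[extras]" but not other packages such as mlflow-skinny.
REQ = re.compile(r"^\s*mlflow(?![A-Za-z0-9._-])(?:\[[^\]]*\])?\s*(?P<spec>[^;#]*)", re.I)
CLAUSE = re.compile(r"(===|==|~=|>=|<=|!=|>|<)\s*([0-9]+(?:\.[0-9]+)*)")

def parse_version(text):
    """Turn '2.8.1' into (2, 8, 1), padding short versions with zeros."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def classify(line):
    """Return 'affected', 'fixed', 'review', or None if the line is not mlflow."""
    m = REQ.match(line)
    if not m:
        return None
    clauses = CLAUSE.findall(m.group("spec"))
    pins = [parse_version(v) for op, v in clauses if op in ("==", "===")]
    if pins:
        return "affected" if pins[0] < FIXED else "fixed"
    floors = [parse_version(v) for op, v in clauses if op in (">=", ">", "~=")]
    if any(f >= FIXED for f in floors):
        return "fixed"
    # Unpinned, or a range whose lower bound still admits versions below 2.9.0.
    return "review"

def scan(text):
    """Map 1-based line numbers of mlflow requirements to (line, verdict)."""
    results = {}
    for n, line in enumerate(text.splitlines(), 1):
        verdict = classify(line)
        if verdict:
            results[n] = (line.strip(), verdict)
    return results

# Constructed sample input, not taken from any real project.
SAMPLE = """\
# constructed sample requirements file
numpy==1.26.0
mlflow==2.8.1
mlflow[extras]>=2.9.0
mlflow>=2.0,<3   # range
mlflow-skinny==2.8.1
"""

if __name__ == "__main__":
    for n, (line, verdict) in scan(SAMPLE).items():
        print(f"line {n}: {verdict:8} {line}")
```

A `review` verdict means the specifier does not rule out a release below 2.9.0, so check the resolved version in the lock file or the running environment.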

Additional Resources

What are Similar Vulnerabilities to BIT-mlflow-2023-43472?

Similar Vulnerabilities: CVE-2023-44093, CVE-2023-41270, CVE-2023-38505, CVE-2023-29472, CVE-2023-37905