BIT-mlflow-2024-4263
Broken access control vulnerability in mlflow (PyPI)

Category: Broken access control. Known public exploit: none.

What is BIT-mlflow-2024-4263 About?

A broken access control vulnerability exists in MLflow versions prior to 2.10.1, allowing low-privilege users with 'EDIT' permissions to delete artifacts despite intended restrictions. This flaw arises from insufficient validation of DELETE requests. Exploitation is straightforward, enabling unauthorized artifact removal.

Affected Software

mlflow <2.10.1

Technical Details

The core of this vulnerability is a broken access control mechanism in mlflow/mlflow versions before 2.10.1. Users who are assigned only 'EDIT' permissions on an experiment are, by design, intended only to read and update artifacts, not delete them. However, the application fails to adequately validate DELETE requests from such users. Specifically, a low-privilege user with 'EDIT' permissions can send a DELETE request to remove artifacts, including entire artifact directories, bypassing the intended authorization checks. This is a clear flaw in the server-side enforcement of access policies: the permission level is checked, but not against the specific operation the HTTP method performs.
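The following is an added illustration of the flaw described above and its remediation; it is not MLflow's own code. It models a method-aware authorization check for artifact routes, showing the flawed check (any write method treated as an update) beside the corrected one (each HTTP method mapped to its own capability, deny by default, denials recorded for detection). Only the 'EDIT' permission name comes from the advisory; the other permission levels, the capability names, the request fields and the sample request are assumptions constructed for this example.

```python
from dataclasses import dataclass
from typing import Optional

# Capabilities per permission level. 'EDIT' is named in the advisory; the
# other levels and the capability names are assumptions for this example.
PERMISSIONS = {
    "READ":   {"can_read": True, "can_update": False, "can_delete": False},
    "EDIT":   {"can_read": True, "can_update": True,  "can_delete": False},
    "MANAGE": {"can_read": True, "can_update": True,  "can_delete": True},
}


@dataclass
class Request:
    method: str       # HTTP method, e.g. "GET", "PUT", "DELETE"
    path: str         # artifact path inside the experiment
    user: str
    permission: str   # permission level the user holds on the experiment


def authorize_vulnerable(req: Request) -> bool:
    """Flawed check: every non-GET method is treated as an update, so a
    DELETE passes for any user who may update, i.e. an 'EDIT' user."""
    caps = PERMISSIONS[req.permission]
    if req.method == "GET":
        return caps["can_read"]
    return caps["can_update"]


def authorize_fixed(req: Request, audit: Optional[list] = None) -> bool:
    """Corrected check: each HTTP method requires its own capability and an
    unmapped method is denied outright. Denials are appended to `audit`
    so that unexpected DELETE attempts can be alerted on."""
    required = {"GET": "can_read", "PUT": "can_update",
                "POST": "can_update", "DELETE": "can_delete"}
    cap = required.get(req.method)
    allowed = cap is not None and PERMISSIONS[req.permission][cap]
    if not allowed and audit is not None:
        audit.append(f"DENY user={req.user} perm={req.permission} "
                     f"{req.method} {req.path}")
    return allowed


# Constructed sample: an 'EDIT' user attempting to delete an artifact directory.
SAMPLE = Request(method="DELETE", path="artifacts/model/",
                 user="alice", permission="EDIT")


def demo():
    """Returns (vulnerable decision, fixed decision, audit log) for SAMPLE."""
    log: list = []
    return authorize_vulnerable(SAMPLE), authorize_fixed(SAMPLE, log), log
```

Run `demo()` to see the same request accepted by the flawed check and rejected, with an audit line, by the corrected one.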

What is the Impact of BIT-mlflow-2024-4263?

Successful exploitation may allow attackers to delete critical data and artifacts, leading to data loss, integrity issues, and disruption of scientific or machine learning workflows.

What is the Exploitability of BIT-mlflow-2024-4263?

Exploitation requires a user account with 'EDIT' permissions on an MLflow experiment. The attacker needs to be an authenticated low-privilege user. The attack is remote, as the attacker sends a crafted DELETE request to the MLflow server. The complexity is low, as it primarily involves sending a specific type of HTTP request (DELETE) to an artifact endpoint, exploiting the lack of proper server-side authorization checks. No special conditions are needed beyond having the 'EDIT' permission. The risk is high within environments where 'EDIT' permissions are routinely granted, as it allows for unintended data destruction by basic users.

What are the Known Public Exploits?

No known public exploits (no PoC, author, link, or commentary listed).

What are the Available Fixes for BIT-mlflow-2024-4263?

Available Upgrade Options

  • mlflow
    • <2.10.1 → Upgrade to 2.10.1


Additional Resources

What are Similar Vulnerabilities to BIT-mlflow-2024-4263?

Similar Vulnerabilities: CVE-2023-38501, CVE-2023-28432, CVE-2022-41857, CVE-2022-38506, CVE-2022-35967