CVE-2023-6975
Command Execution vulnerability in mlflow (PyPI)
What is CVE-2023-6975 About?
This vulnerability allows a malicious user to achieve remote command execution on a vulnerable machine. Successful exploitation grants access to data and model information, posing a significant risk. The ease of exploitation depends on the specific entry point for the malicious input.
Affected Software
Technical Details
The vulnerability enables command execution through an unspecified mechanism, likely involving improper input validation or a flaw in how user-supplied data is processed or interpreted. A malicious user crafts an input (e.g., a specifically formatted query, a malicious file, or a crafted API request) that, when handled by the vulnerable system, executes arbitrary operating system commands. This direct execution of commands bypasses security controls and allows the attacker to interact with the underlying system. The attack vector could leverage deserialization bugs, injection flaws (like OS command injection), or insecure use of dynamic code evaluation functions. Once command execution is achieved, the attacker can then access sensitive data and model information stored on the compromised machine.
What is the Impact of CVE-2023-6975?
Successful exploitation may allow attackers to execute arbitrary commands on the vulnerable machine, leading to full system compromise, unauthorized access to sensitive data and intellectual property (model information), and potential denial of service.
What is the Exploitability of CVE-2023-6975?
Exploitation complexity can vary from low to moderate depending on the specific attack vector. It requires the attacker to submit malicious input through an accessible interface. Authentication requirements depend on whether the entry point for the malicious input is protected; it could range from unauthenticated to authenticated access. Privilege requirements would be those of the compromised user or service. This is often a remote attack, where the malicious input is delivered over a network. Special conditions usually involve the application's reliance on external input for critical operations without adequate sanitization or validation. The lack of proper input handling is a significant risk factor increasing the likelihood of successful command execution.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | ||
What are the Available Fixes for CVE-2023-6975?
Available Upgrade Options
- mlflow
- <2.9.2 → Upgrade to 2.9.2
Struggling with dependency upgrades?
See how Resolved Security's drop-in replacements make it simple.
Book a demoAdditional Resources
- https://nvd.nist.gov/vuln/detail/CVE-2023-6975
- https://huntr.com/bounties/029a3824-cee3-4cf1-b260-7138aa539b85
- https://osv.dev/vulnerability/GHSA-hh8p-p8mp-gqhm
- https://github.com/mlflow/mlflow/commit/b9ab9ed77e1deda9697fe472fb1079fd428149ee
- https://github.com/mlflow/mlflow
- https://huntr.com/bounties/029a3824-cee3-4cf1-b260-7138aa539b85
- https://github.com/mlflow/mlflow/commit/b9ab9ed77e1deda9697fe472fb1079fd428149ee
What are Similar Vulnerabilities to CVE-2023-6975?
Similar Vulnerabilities: CVE-2024-11394 , CVE-2023-7018 , CVE-2023-47248 , CVE-2024-1455 , CVE-2021-44228
