CVE-2024-1560
Path Traversal vulnerability in mlflow (PyPI)

Path Traversal · No known exploit

What is CVE-2024-1560 About?

This path traversal vulnerability in mlflow/mlflow's artifact deletion functionality allows attackers to delete arbitrary directories on the server. It bypasses path validation through a double decoding process. Exploitation complexity is moderate, and the flaw relies on a specific extra unquote operation applied to the artifact path.

Affected Software

mlflow <=2.9.2

Technical Details

The vulnerability lies in the artifact deletion functionality of the mlflow/mlflow repository, affecting versions up to 2.9.2. It stems from a path traversal flaw caused by a double decoding process during the handling of artifact paths. Specifically, an extra unquote operation in the delete_artifacts function within local_artifact_repo.py, combined with the _delete_artifact_mlflow_artifacts handler and local_file_uri_to_path function, fails to properly sanitize user-supplied paths. This allows an attacker to bypass intended path validation by encoding path traversal sequences (e.g., '../') multiple times, leading to their successful interpretation after the double decoding, and consequently, the deletion of arbitrary directories on the server's filesystem.
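To make the check-then-decode failure concrete, the following is an added illustration written for this page, not mlflow's source: the artifact root, function names and the validation logic are assumed. It places a validator that mirrors the pattern the advisory describes (validate after one unquote, decode again afterwards) beside a hardened resolver that validates only the string that would actually reach the filesystem.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Constructed artifact root for the example; not a path from mlflow.
ARTIFACT_ROOT = "/srv/mlflow/artifacts"


def _has_traversal(path: str) -> bool:
    """True if any path segment is '..'."""
    return any(seg == ".." for seg in path.split("/"))


def check_then_decode(user_path: str) -> Optional[str]:
    """Pattern the advisory describes (hypothetical reconstruction): the path is
    validated after one unquote, but a later layer unquotes it again before the
    filesystem call, so the validator and the filesystem see different strings.
    Returns the resolved path, or None if the validator rejected the input."""
    once = unquote(user_path)
    if once.startswith("/") or _has_traversal(once):
        return None
    twice = unquote(once)  # second decode happens after validation: the flaw
    return posixpath.normpath(posixpath.join(ARTIFACT_ROOT, twice))


def resolve_artifact_path(user_path: str) -> Optional[str]:
    """Hardened: decode until the string stops changing (bounded), then check
    that the normalized absolute path stays inside ARTIFACT_ROOT. Whatever
    number of decodes a downstream layer performs, nothing it produces can
    escape the root, because the fully decoded form was already checked."""
    decoded = user_path
    for _ in range(5):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    else:
        return None  # still changing after five decodes: reject outright
    if decoded.startswith("/") or "\\" in decoded:
        return None
    target = posixpath.normpath(posixpath.join(ARTIFACT_ROOT, decoded))
    if target != ARTIFACT_ROOT and not target.startswith(ARTIFACT_ROOT + "/"):
        return None
    return target
```

On a real server the containment check should be made against a symlink-resolved root (e.g. os.path.realpath) rather than a string prefix alone.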

What is the Impact of CVE-2024-1560?

Successful exploitation may allow attackers to delete arbitrary files and directories on the server, leading to data loss, denial of service, or potentially system instability.

What is the Exploitability of CVE-2024-1560?

Exploitation complexity is moderate, as it requires crafting specific double-encoded path traversal sequences to bypass validation. The attack is remote, leveraging the artifact deletion functionality. Authentication requirements are not explicitly stated, but artifact deletion typically requires some level of authorized access. No elevated privileges beyond those needed to initiate artifact deletion are required post-authentication. The vulnerability is due to specific flaws in how paths are unquoted and decoded. The risk factors include the exposure of artifact management endpoints and the failure to adequately sanitize user-controlled paths, even after previous attempts to fix similar issues.

What are the Known Public Exploits?

No known public exploits are listed (the PoC / Author / Link / Commentary table is empty).

What are the Available Fixes for CVE-2024-1560?

Available Upgrade Options

  • No fixes available


Additional Resources

What are Similar Vulnerabilities to CVE-2024-1560?

Similar Vulnerabilities: CVE-2024-1483, CVE-2023-46749, CVE-2023-6831, CVE-2022-4303, CVE-2022-45868