Critical Severity

mlflow

Remote Code Execution via Controlled File Write

A vulnerability in MLflow versions 2.6.0 to 2.9.1 allows remote code execution through a controlled file write mechanism. The issue arises from the handling of model source URLs, enabling an attacker to create or overwrite arbitrary files on the system. This vulnerability was patched in version 2.9.2.

Available publicly on Nov 16 2023

10

CVE:

CVE-2023-6018

CWE:

23:Relative Path Traversal

CVSS:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Credit:

kevin-mizu
AssessDetect

Available

Remediate
Remediation Steps
  • Update MLflow to version 2.9.2 or later.
  • Ensure that authentication is enabled for MLflow to prevent unauthorized access.
  • Regularly review and monitor model creation requests to detect any suspicious activity.
  • Consider implementing network-level controls to restrict access to the MLflow server from untrusted sources.
Patch Details
  • Fixed Version: 2.9.2
  • Patch Commit: https://github.com/mlflow/mlflow/commit/55c72d02380e8db8118595a4fdae7879cb7ac5bd
Want more out of Sightline?

Sightline offers even more for premium customers

Go Premium

We have - related security advisories that are available with Sightline Premium.

Sightline logo
About Protect AIPrivacy PolicyTerms of Service
© 2024 Protect AI, Inc.
Slack iconLinkedIn iconYoutube iconX icon