Remote Code Execution due to Full Controled File Write in mlflow

GHSA-5p3h-7fwh-92rc · BIT-mlflow-2023-6018 · CVE-2023-6018

Published Nov 16, 2023 · Modified Aug 8, 2024

Description

The mlflow web server includes tools for tracking experiments, packaging code into reproducible runs, and sharing and deploying models. As this vulnerability allows to write / overwrite any file on the file system, it gives a lot of ways to archive code execution (like overwriting /home/<user>/.bashrc). A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-6018
WEB https://github.com/mlflow/mlflow/commit/55c72d02380e8db8118595a4fdae7879cb7ac5bd
PACKAGE https://github.com/mlflow/mlflow
WEB https://huntr.com/bounties/7cf918b5-43f4-48c0-a371-4d963ce69b30

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes