CVE-2024-1483

A path traversal vulnerability exists in mlflow/mlflow version 2.9.2, allowing attackers to access arbitrary files on the server. By crafting a series of HTTP POST requests with specially crafted 'artifact_location' and 'source' parameters, using a local URI with '#' instead of '?', an attacker can traverse the server's directory structure. The issue occurs due to insufficient validation of user-supplied input in the server's handlers.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://huntr.com/bounties/52a3855d-93ff-4460-ac24-9c7e4334198d

Configurations

No configuration.

History

16 Apr 2024, 13:24

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de path traversal en mlflow/mlflow versión 2.9.2, que permite a los atacantes acceder a archivos arbitrarios en el servidor. Al crear una serie de solicitudes HTTP POST con parámetros 'artifact_location' y 'source' especialmente manipulados, utilizando un URI local con '#' en lugar de '?', un atacante puede atravesar la estructura de directorios del servidor. El problema se produce debido a una validación insuficiente de la entrada proporcionada por el usuario en los controladores del servidor.

16 Apr 2024, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-16 00:15

Updated : 2024-04-16 13:24

NVD link : CVE-2024-1483

Mitre link : CVE-2024-1483

CVE.ORG link : CVE-2024-1483

JSON object : View

Products Affected

No product.

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

7.5 /10