Exploit
CVE-2023-1176

Absolute Path Traversal (CWE-36)

Published: Mar 24, 2023 / Updated: 20mo ago

CVSS 3.3 / EPSS 0.04% / Low

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2023-1176. See article

Mar 24, 2023 at 4:01 AM / protectai.com
Threat Intelligence Report

The vulnerability CVE-2023-1176 in MLflow poses a critical risk of Local File Inclusion/Remote File Inclusion, potentially leading to system or cloud provider takeover. Organizations are urged to update to version 2.2.2 immediately to mitigate this threat. Proof-of-concept exploits are available, and downstream impacts to third-party vendors using MLflow may be significant. See article

Mar 25, 2023 at 5:08 AM
EPSS

EPSS Score was set to: 0.04% (Percentile: 6.9%)

Sep 18, 2023 at 8:49 PM

Affected Systems

Lfprojects/mlflow

Exploits

https://huntr.dev/bounties/ae92f814-6a08-435c-8445-eec0ef4f1085

Patches

Github Advisory

Attack Patterns

CAPEC-597: Absolute Path Traversal

Vendor Advisory

[GHSA-wp72-7hj9-5265] Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIs
Users of the MLflow Open Source Project who are hosting the MLflow Model Registry using the mlflow server or mlflow ui commands using an MLflow version older than MLflow 2.2.1 may be vulnerable to a remote file existence check exploit if they are not limiting who can query their server (for example, by using a cloud VPC, an IP allowlist for inbound requests, or authentication / authorization middleware). If you are using the MLflow open source mlflow server or mlflow ui commands, we strongly recommend limiting who can access your MLflow Model Registry and MLflow Tracking servers using a cloud VPC, an IP allowlist for inbound requests, authentication / authorization middleware, or another access restriction mechanism of your choosing.

References

Hacking AI: System and Cloud Takeover via MLflow Exploit
The exploitation of this vulnerability allows a remote unauthenticated attacker to read any file on the server that the user who started the MLflow server can access. All versions of MLflow prior to v2.0 were vulnerable to LFI via the simpler exploit of: http://<server:port>/get-artifact?path=../../../../../etc/passwd&run_uuid=<run_uuid
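The vendor advisory above describes a remote file existence check, and the reference quotes the older `../` form of the same bug. As an added example that is not MLflow's code (nor taken from the advisory or the huntr report), the following Python shows the general pattern behind both: a handler that joins a request path onto an artifact root with `os.path.join`, which silently discards the root when the request path is absolute (CWE-36) and lets `..` walk out of it (CWE-22), beside a hardened resolver that rejects both. The function names (`resolve_vulnerable`, `resolve_safe`, `probe_vulnerable`, `probe_safe`), the temporary artifact root and the "secret" file outside it are all constructed for the demonstration.

```python
"""Added illustration of the path-traversal pattern behind CWE-36 / CWE-22.
Not MLflow's code: the artifact root, the resolve_* / probe_* helpers and the
fixture files are hypothetical names and constructed data for this demo."""
import os
import tempfile


def build_fixture():
    """Constructed layout: an artifact root with one artifact, plus a file
    outside that root which a server was never meant to expose."""
    root = tempfile.mkdtemp(prefix="artifacts-")
    os.makedirs(os.path.join(root, "run1"))
    with open(os.path.join(root, "run1", "model.txt"), "w") as f:
        f.write("weights")  # constructed sample artifact
    outside = tempfile.mkdtemp(prefix="outside-")
    secret = os.path.join(outside, "secret.txt")
    with open(secret, "w") as f:
        f.write("not an artifact")  # constructed out-of-root file
    return root, secret


def resolve_vulnerable(artifact_root, user_path):
    """Naive join. os.path.join throws away artifact_root as soon as user_path
    is absolute (CWE-36), and normpath collapses '..' right out of the root
    (CWE-22). No check is made that the result is still under the root."""
    return os.path.normpath(os.path.join(artifact_root, user_path))


def resolve_safe(artifact_root, user_path):
    """Hardened join: refuse absolute input, resolve symlinks on both sides,
    and require the final real path to remain under the real root."""
    if os.path.isabs(user_path):
        raise ValueError("absolute paths are not allowed")
    root = os.path.realpath(artifact_root)
    candidate = os.path.realpath(os.path.join(root, user_path))
    # commonpath is component-based, so '/root-evil' does not pass for '/root'
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError("path escapes the artifact root")
    return candidate


def escapes_root(artifact_root, resolved):
    """True when a resolved path lies outside the (real) artifact root."""
    root = os.path.realpath(artifact_root)
    return os.path.commonpath([root, os.path.realpath(resolved)]) != root


def probe_vulnerable(artifact_root, user_path):
    """The existence oracle a naive endpoint exposes: answers 'exists' or
    'missing' for any path on the host, not just paths under the root."""
    target = resolve_vulnerable(artifact_root, user_path)
    return "exists" if os.path.exists(target) else "missing"


def probe_safe(artifact_root, user_path):
    """Same endpoint with the hardened resolver: out-of-root requests are
    'rejected' before the filesystem is ever consulted."""
    try:
        target = resolve_safe(artifact_root, user_path)
    except ValueError:
        return "rejected"
    return "exists" if os.path.exists(target) else "missing"


def relative_traversal_to(artifact_root, target):
    """Build the '../../...' request an attacker would send to reach target."""
    return os.path.relpath(target, artifact_root)


if __name__ == "__main__":
    root, secret = build_fixture()
    for req in ("run1/model.txt", secret, relative_traversal_to(root, secret)):
        print(f"{req!r}: naive={probe_vulnerable(root, req)} "
              f"safe={probe_safe(root, req)}")
```

The point a reviewer should take from this: a `startswith(root)` test on the joined string is not enough, because it passes for a sibling directory whose name shares the root's prefix and because it runs before symlinks are resolved. Rejecting absolute input, resolving with `realpath`, and comparing with `commonpath` closes the absolute variant this CVE describes and the `../` variant quoted above in one check, and the "rejected" answer carries no information about whether the out-of-root file exists.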

News

CVE-2023-1176 Exploit
CVE Id : CVE-2023-1176 Published Date: 2023-03-28T14:44:00+00:00 Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2. inTheWild added a link to an exploit: https://huntr.dev/bounties/ae92f814-6a08-435c-8445-eec0ef4f1085
CVE-2023-1177: RFI Vulnerability in Machine Learning Lifecycle Platform, MLflow
CVE-2023-1176 is a security vulnerability with a CVSS score of 5.3, affecting MLflow Open Source Project users running the MLflow Model Registry with the `mlflow server` or `mlflow ui` commands on versions older than MLflow 2.2.1. Workarounds: limit access to your MLflow Model Registry and Tracking servers by implementing a cloud VPC, an IP allowlist for inbound requests, or authentication/authorization middleware.
CVE-2023-1176
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2. (CVSS:0.0) (Last Update:2023-03-24)

CVSS V3.1

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality Impact: Low
Integrity Impact: None
Availability Impact: None
