CVE-2026-0545 Scanner
CVE-2026-0545 Scanner - Authentication Bypass vulnerability in MLflow
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
12 days 15 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
MLflow is a popular open-source platform used by data scientists and engineers for managing the machine learning lifecycle. It is widely adopted by organizations to streamline the tracking, reproduction, and deployment of machine learning models. MLflow provides functionalities, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. It integrates easily with existing tools and cloud infrastructure, making it a versatile choice for ML workflows. FastAPI is utilized within MLflow to handle HTTP requests to its Job API. Ensuring secure authentication of these requests is crucial to maintaining the integrity and confidentiality of managed jobs.
The authentication bypass vulnerability in MLflow allows unauthorized access to its Job API. This security flaw occurs due to unprotected endpoints when basic authentication is enabled. Attackers can exploit these endpoints to remotely submit and manage jobs without authentication. This exposes the system to severe risks, including unauthorized job execution and potential malicious activities. Addressing this vulnerability is critical to maintaining operational security within environments using MLflow.
The vulnerability detail reveals that MLflow's FastAPI job endpoints under "/ajax-api/3.0/jobs/*" lack proper authentication when basic authentication is enabled. This oversight leaves endpoints unprotected and accessible to unauthorized users. The vulnerable endpoints accept JSON requests intended for job management, including parameters for executing specified commands. Successful exploitation requires job execution to be enabled, allowing attackers to perform tasks typically restricted to authorized users. This type of vulnerability emphasizes the need for rigorous endpoint security practices.
If exploited, the authentication bypass could lead to significant negative impacts within affected systems. Unauthorized individuals can potentially gain control over job execution, leading to remote code execution or denial of service scenarios. Furthermore, unauthorized access could result in sensitive data exposure, risking confidentiality and potentially causing significant harm to the organization. Therefore, addressing this flaw is paramount to safeguarding system integrity and user data.
REFERENCES
