CVE-2023-6977 Scanner - Local File Inclusion vulnerability in MLflow
Short Info
Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 18 days 13 hours
Scan only one: Domain, IPv4
MLflow is a widely used platform for managing machine learning models, employed by data scientists, ML engineers, and AI practitioners. It helps users organize their projects with tools for tracking experiments, packaging code into reproducible runs, and sharing and deploying models. It offers a flexible framework that can be integrated into complex machine learning infrastructures across industries. Organizations benefit from its ability to streamline ML model training and deployment. As a result, it is used in sectors ranging from finance to healthcare, providing critical support for model management.
The Local File Inclusion (LFI) vulnerability in MLflow prior to 2.8.0 arises from improper handling of file paths, which enables path traversal attacks. The flaw allows an attacker to include files on the web server that are not intended for public access. By manipulating software inputs or API requests, malicious actors can gain access to local files stored on the server. The vulnerability poses a high security risk because it circumvents normal authorization mechanisms to expose sensitive data.
Technically, the vulnerability is exploited by injecting insufficiently validated path input into API requests or specific endpoints of the MLflow server. Attackers may use specially crafted requests to fetch restricted files, such as system password or configuration files. The HTTP endpoint '/model-versions/get-artifact' is particularly susceptible when malformed input is passed through the 'path' parameter. Successful manipulation of this input results in unauthorized file access, which the server processes as part of its normal file handling operations.
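As an added example (not part of the original page and not MLflow's own code), the following Python code shows how a defender could review web access logs for requests to the '/model-versions/get-artifact' endpoint whose 'path' parameter decodes to an absolute path or a '..' segment. The log format, the sample lines and all function names are assumptions constructed for illustration.

```python
import re
from pathlib import PurePosixPath
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "/model-versions/get-artifact"  # endpoint named on this page
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')  # assumed log format

# Constructed sample access-log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /model-versions/get-artifact?path=model/MLmodel HTTP/1.1" 200 512',
    '192.0.2.10 - - [01/Jan/2024:10:00:02 +0000] "GET /model-versions/get-artifact?path=model/v1..2/data.pkl HTTP/1.1" 200 2048',
    '198.51.100.7 - - [01/Jan/2024:10:01:00 +0000] "GET /model-versions/get-artifact?path=..%2F..%2Fconf%2Fapp.yaml HTTP/1.1" 200 830',
    '198.51.100.7 - - [01/Jan/2024:10:01:03 +0000] "GET /model-versions/get-artifact?path=%252e%252e%252fconf%252fapp.yaml HTTP/1.1" 200 830',
    '198.51.100.7 - - [01/Jan/2024:10:01:05 +0000] "GET /model-versions/get-artifact?path=/srv/app/settings.ini HTTP/1.1" 200 120',
    '192.0.2.44 - - [01/Jan/2024:10:02:00 +0000] "GET /docs/index.html?path=../notes HTTP/1.1" 404 0',
]

def fully_decode(value, max_rounds=5):
    """Undo nested percent-encoding, e.g. %252e -> %2e -> '.'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_suspicious_path(raw):
    """True if the decoded 'path' value is absolute or contains a '..' segment."""
    value = fully_decode(raw).replace("\\", "/")
    if value.startswith("/") or re.match(r"[A-Za-z]:", value):
        return True
    return ".." in PurePosixPath(value).parts

def flag_requests(log_lines):
    """Return the log lines that hit ENDPOINT with a traversal-style 'path' value."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        url = urlsplit(match.group(1)) if match else None
        if url is None or ENDPOINT not in url.path:
            continue
        values = parse_qs(url.query, keep_blank_values=True).get("path", [])
        if any(is_suspicious_path(v) for v in values):
            hits.append(line)
    return hits

if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print("SUSPICIOUS:", hit)
```

A flagged line indicates an attempt, not a confirmed file read; whether the server was exposed depends on whether it ran a version prior to 2.8.0, as stated above.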
Exploitation of this Local File Inclusion vulnerability can have serious repercussions for the affected server. If attackers successfully include and read sensitive information such as access credentials or configuration files, they may use this data to gain further access to or control over the system. This could lead to unauthorized administrative actions, data leaks, or service disruptions if critical files are tampered with. Overall, the potential for data breaches and compromised server integrity is substantial, necessitating immediate mitigation.