CVE-2023-1177 Scanner

Mlflow is an open-source platform for managing the end-to-end machine learning lifecycle. It includes features for tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Developed by Databricks, Mlflow is widely used in the machine learning community for its ability to streamline and document the development process of machine learning models. The software is designed for data scientists, developers, and machine learning engineers to improve the efficiency and reproducibility of their machine learning projects.

The Local File Inclusion vulnerability in versions of Mlflow prior to 2.2.1 allows attackers to include files located elsewhere on the server into the output of a given web page. By exploiting path traversal vulnerabilities, attackers can access sensitive files or execute code on the server that could compromise the system's security. This vulnerability stems from inadequate validation of user-supplied input, enabling attackers to manipulate the software to read files outside of the intended directories.

The vulnerability is specifically related to how Mlflow handles file paths in its web interface. Attackers can manipulate inputs to traverse the server's directory structure (using ../ path notation) and access files not intended for public exposure. This can include configuration files, source code, or sensitive system files, depending on the server's structure and permissions. Successful exploitation depends on the attacker's ability to craft malicious requests that bypass the application's input validation mechanisms.

The exploitation of this vulnerability can lead to the unauthorized disclosure of sensitive information, potential data breaches, and a compromise of the server's integrity and availability. It could allow attackers to gain insights into the server's configuration, access credentials stored in configuration files, or execute arbitrary code if combined with other vulnerabilities. The impact is considered critical due to the high level of access and control an attacker could gain over the affected system.

Joining securityforeveryone offers unparalleled benefits, including access to our advanced security scanning solutions that can detect vulnerabilities like the LFI in Mlflow. Our platform empowers users to proactively manage and mitigate cyber threats, enhancing the security posture of their digital assets. With real-time monitoring, detailed vulnerability reports, and expert remediation guidance, members can ensure their projects remain secure and resilient against emerging threats.

References

• https://huntr.dev/bounties/1fe8f21a-c438-4cba-9add-e8a5dab94e28/
• https://github.com/mlflow/mlflow/commit/7162a50c654792c21f3e4a160eb1a0e6a34f6e6e
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1177
• https://huntr.dev/bounties/1fe8f21a-c438-4cba-9add-e8a5dab94e28
• https://nvd.nist.gov/vuln/detail/CVE-2023-1177