FlyteAdmin is a control plane for Flyte open source. Responsible for managing entities (tasks, workflows, startup plans) and managing workflow execution. An information disclosure vulnerability exists in Flyte FlyteAdmin versions prior to 1.1.44, which stems from the fact that users who enable the default Flyte authorization server without changing the default clientid hash will be exposed to the public Internet. An attacker can exploit the vulnerability to obtain sensitive information.