Lucene search
GoogleOSV:BIT-MLFLOW-2023-6015HistoryMar 06, 2024 - 10:57 a.m.
BIT-mlflow-2023-6015
2024-03-0610:57:56
Google
osv.dev
8
mlflow
vulnerability
files
server
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
36.9%
MLflow allowed arbitrary files to be PUT onto the server.
Related
osv
osv
MLflow allowed arbitrary files to be PUT onto the server
2023-11-16 18:30:31
CVE-2023-6015
2023-11-16 16:15:34
prion
prion
Design/Logic Flaw
2023-11-16 16:15:00
github
github
MLflow allowed arbitrary files to be PUT onto the server
2023-11-16 18:30:31
veracode
veracode
Path Traversal
2023-11-17 10:07:26
cve
cve
CVE-2023-6015
2023-11-16 16:15:34
nvd
nvd
CVE-2023-6015
2023-11-16 16:15:34
cvelist
cvelist
CVE-2023-6015 MLflow Arbitrary File Upload
2023-11-16 16:06:11
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
36.9%
Related for OSV:BIT-MLFLOW-2023-6015