CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score
Confidence: Low

EPSS
Percentile: 66.3%

mlflow is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is caused by following redirects while fetching HTTP artifact contents within the model-versions/get-artifact endpoint. A malicious user can exploit this to access internal HTTP(S) servers and, in the worst case, achieve remote code execution on the system.
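
The class of fix for this kind of bug is to re-validate the destination of every redirect hop instead of checking only the first URL. The following is an added example, not mlflow's own code or its actual patch; the allowlisted host name, the sample URLs and all function and class names are assumptions made for illustration.

```python
import ipaddress
import urllib.request
from urllib.parse import urljoin, urlsplit

ALLOWED_HOSTS = {"artifacts.example.com"}  # constructed allowlist for this example


class BlockedRedirect(Exception):
    """Raised when a fetch or redirect points at a forbidden destination."""


def is_forbidden_target(url):
    """True if a server-side fetcher should refuse to request this URL."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return True
    try:
        addr = ipaddress.ip_address(parts.hostname)
    except ValueError:
        # Not an IP literal. Assumption: names are matched against an allowlist
        # so the example runs offline; a resolver-based check would have to
        # validate every address the name resolves to.
        return parts.hostname.lower() not in ALLOWED_HOSTS
    return not addr.is_global  # loopback, private, link-local, etc.


def first_forbidden_hop(start_url, locations):
    """Walk a chain of Location values; return the first forbidden URL or None."""
    current = start_url
    if is_forbidden_target(current):
        return current
    for location in locations:
        current = urljoin(current, location)  # Location may be relative
        if is_forbidden_target(current):
            return current
    return None


class ValidatingRedirectHandler(urllib.request.HTTPRedirectHandler):
    """Re-validate the destination of every 3xx response before following it."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        if is_forbidden_target(newurl):
            raise BlockedRedirect(newurl)
        return super().redirect_request(req, fp, code, msg, headers, newurl)


def build_safe_opener():
    """urllib opener whose redirects all pass through the check above."""
    return urllib.request.build_opener(ValidatingRedirectHandler)
```

An opener built with `build_safe_opener()` raises `BlockedRedirect` as soon as an allowed artifact URL answers with a 3xx pointing at an internal address, which is the step a first-URL-only check misses.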