CVE-2023-43472 – This vulnerability in MLFlow allows remote atta... (How to Fix)

Q: What is the severity of CVE-2023-43472?

CVE-2023-43472 has a CVSS score of 7.5 (HIGH). This vulnerability in MLFlow allows remote attackers to access sensitive information through crafted REST API requests. It affects MLFlow deployments with exposed REST APIs, potentially exposing model data, configuration details, or credentials.

📋 TL;DR

This vulnerability in MLFlow allows remote attackers to access sensitive information through crafted REST API requests. It affects MLFlow deployments with exposed REST APIs, potentially exposing model data, configuration details, or credentials.

💻 Affected Systems

Products:

MLFlow

Versions: 2.8.1 and earlier

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects deployments with REST API endpoints accessible to attackers.

📦 What is this software?

Mlflow by Lfprojects

View all CVEs affecting Mlflow →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of MLFlow instance with exposure of all stored models, experiment data, and potentially credentials or API keys.

🟠

Likely Case

Unauthorized access to sensitive ML model artifacts, experiment metadata, or configuration files.

🟢

If Mitigated

Limited exposure of non-critical information if proper network segmentation and authentication are implemented.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires crafting specific REST API requests but does not require authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.9.0 or later

Vendor Advisory: https://mlflow.org/docs/latest/releases.html

Restart Required: Yes

Instructions:

1. Upgrade MLFlow to version 2.9.0 or later. 2. Restart all MLFlow services. 3. Verify the upgrade was successful.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict access to MLFlow REST API endpoints using firewall rules or network ACLs.

Authentication Enforcement

all

Implement authentication for all REST API endpoints if not already enabled.

🧯 If You Can't Patch

Implement strict network access controls to limit MLFlow API exposure
Enable and enforce authentication for all MLFlow REST API endpoints

🔍 How to Verify

Check if Vulnerable:

Check MLFlow version using 'mlflow --version' or examine package version in deployment.

Check Version:

mlflow --version

Verify Fix Applied:

Confirm MLFlow version is 2.9.0 or later and test REST API endpoints for information disclosure.

📡 Detection & Monitoring

Log Indicators:

Unusual REST API request patterns
Access to sensitive endpoints without authentication

Network Indicators:

Unusual traffic to MLFlow REST API endpoints
Requests attempting to access sensitive endpoints

SIEM Query:

source="mlflow" AND (url_path="/api/*" OR method="GET") AND response_code=200 AND user="anonymous"

📊 Metadata

CVE ID: CVE-2023-43472

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Published: December 5, 2023

Last Updated: November 21, 2024

🔗 References

https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security Exploit,Press/Media Coverage
https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security Exploit,Press/Media Coverage

📤 Share & Export

📄 Export Markdown 📋 Export JSON