6.5
CVE-2026-3198
- EPSS 0.24%
- Veröffentlicht 02.06.2026 02:50:47
- Zuletzt bearbeitet 03.06.2026 17:07:05
- Quelle security@huntr.dev
- CVE-Watchlists
- Unerledigt
Improper Access Control in mlflow/mlflow
MLflow 3.9.0 with basic-auth (`--app-name basic-auth`) fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the `BEFORE_REQUEST_HANDLERS` dictionary in `mlflow/server/auth/__init__.py` does not include entries for `ListGatewaySecretInfos`, `ListGatewayEndpoints`, and `ListGatewayModelDefinitions`. This allows any authenticated user, regardless of their assigned permissions, to enumerate all gateway secrets, endpoints, and model definitions. This vulnerability exposes sensitive information, such as API keys, endpoint configurations, and proprietary model definitions, to unauthorized users.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Lfprojects ≫ Mlflow Version3.9.0 Update-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.153 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@huntr.dev | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
https://huntr.com/bounties/e57db731-97d3-40c3-a429-831ee959807f