CVE-2024-37054 - OpenCVE

Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploaded PyFunc model to run arbitrary code on an end user’s system when interacted with.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

No data.

No data.

References

Link	Resource
https://hiddenlayer.com/sai-security-advisory/mlflow-june2024

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: HiddenLayer

Published: 2024-06-04T12:00:34.492Z

Updated: 2024-06-06T15:01:51.570Z

Reserved: 2024-05-31T14:16:48.807Z

Link: CVE-2024-37054

JSON object: View

NVD Information

Status : Awaiting Analysis

Published: 2024-06-04T12:15:11.190

Modified: 2024-06-04T16:57:41.053

Link: CVE-2024-37054

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37054", "assignerOrgId": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "state": "PUBLISHED", "assignerShortName": "HiddenLayer", "dateReserved": "2024-05-31T14:16:48.807Z", "datePublished": "2024-06-04T12:00:34.492Z", "dateUpdated": "2024-06-06T15:01:51.570Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "mlflow", "product": "MLflow", "repo": "https://github.com/mlflow/mlflow", "vendor": "MLflow", "versions": [{"lessThanOrEqual": "*", "status": "affected", "version": "0.9.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploaded PyFunc model to run arbitrary code on an end user\u2019s system when interacted with.</span><br>"}], "value": "Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploaded PyFunc model to run arbitrary code on an end user\u2019s system when interacted with."}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "CAPEC-586 Object Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "shortName": "HiddenLayer", "dateUpdated": "2024-06-04T12:00:34.492Z"}, "references": [{"url": "https://hiddenlayer.com/sai-security-advisory/mlflow-june2024"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "mlflow", "product": "mlflow", "cpes": ["cpe:2.3:a:mlflow:mlflow:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0.9.0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-06T15:01:38.249209Z", "id": "CVE-2024-37054", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T15:01:51.570Z"}}]}}