How severe is CVE-2024-3848?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2024-3848?

This is classified as CWE-29, which is a common weakness in software security.

CVE-2024-3848 - HIGH Severity | CVSS 7.5

Vulnerability Description

A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the fragment, effectively skipping validation. This allows an attacker to construct a URL that, when processed, ignores the protocol scheme and uses the provided path for filesystem access. As a result, an attacker can read arbitrary files, including sensitive information such as SSH and cloud keys, by exploiting the way the application converts the URL into a filesystem path. The issue stems from insufficient validation of the fragment portion of the URL, leading to arbitrary file read through path traversal.

Related Vulnerabilities

CVE-2023-6021

HIGH

CVSS:7.5(High)

LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here: https://www.any...

CWE-292023

CVE-2023-6130

HIGH

CVSS:7.5(High)

Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

CWE-292023

CVE-2023-6909

HIGH

CVSS:7.5(High)

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.

CWE-292023

CVE-2024-1561

HIGH

CVSS:7.5(High)

An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifica...

CWE-292024

CVE-2024-2178

HIGH

CVSS:7.5(High)

A path traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'copy_to_custom_personas' endpoint in the 'lollms_personalities_infos.py' file. This vulnerability allows at...

CWE-292024

CVE-2024-2928

HIGH

CVSS:7.5(High)

A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure t...

CWE-292024