An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2023-11-16T21:07:36.577Z

Updated: 2024-09-04T20:22:09.674Z

Reserved: 2023-11-08T09:11:22.613Z

Link: CVE-2023-6014

cve-icon Vulnrichment

Updated: 2024-08-02T08:21:17.031Z

cve-icon NVD

Status : Analyzed

Published: 2023-11-16T21:15:09.267

Modified: 2023-11-24T23:09:12.300

Link: CVE-2023-6014

cve-icon Redhat

No data.