An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifact_path URL parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published: 2023-11-16T16:03:08.827Z

Updated: 2024-08-02T08:21:17.027Z

Reserved: 2023-11-08T09:13:49.918Z

Link: CVE-2023-6023

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-16T16:15:35.057

Modified: 2024-11-21T08:43:00.103

Link: CVE-2023-6023

cve-icon Redhat

No data.