CVE-2025-15381

HIGH

Unauthorized Access to Tracing and Assessment Endpoints in mlflow/mlflow

Title source: cna

Description

In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected.

References (1)

Core 1

Core References

https://huntr.com/bounties/149fb2f9-ef4b-4136-a25c-20563451904c

Scores

CVSS v3 7.1

EPSS 0.0001

EPSS Percentile 1.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-200

Status published

Products (3)

lfprojects/mlflow

mlflow/mlflow/mlflow unspecified - latest

pypi/mlflow 0PyPI

Published Mar 27, 2026

Tracked Since Mar 29, 2026