Lack of authentication in all versions of the fileserver component of Allegro AI’s ClearML platform allows a remote attacker to arbitrarily access, create, modify and delete files.
The ClearML platform's fileserver component does not implement authentication mechanisms (CWE-287) and does not verify whether the request comes from an authorized user (CWE-425 – forced browsing). A remote attacker, without any credentials, can send requests directly to the file server. This allows reading, creating, modifying, and deleting any files stored by the platform.
An attacker can gain unauthorized access to data stored in the MLOps platform, as well as modify or delete files, which may lead to violations of confidentiality, integrity, and availability of ClearML system resources.
Apply patches available from the manufacturer according to the references. As a temporary measure, it is recommended to restrict network access to the fileserver component through a firewall or network segmentation, so that it is accessible only to trusted hosts.
All versions of the fileserver component in Allegro AI ClearML platform
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HClear Clearml
APPClearwszystkie wersje
Related vulnerabilities
CSRF w ClearML API Server — podszywanie się pod użytkownika
XSS w ClearML — wykonanie JavaScript przez zakładkę Debug Samples
Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s Cle...
A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform ...
Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulti...