MLflow < 3.11.0 Authentication Bypass

Severity: High | Web App Scanning Plugin ID 115253

Synopsis

MLflow < 3.11.0 Authentication Bypass

Description

MLflow versions prior to 3.11.0 are vulnerable to an authentication bypass that allows attackers to access protected resources without proper authentication. The vulnerability arises from a flaw in the authentication mechanism, which attackers can exploit to gain unauthorized access to sensitive data and functionality within the MLflow platform. This detection is included in the AI and LLM category.

Solution

Upgrade to MLflow 3.11.0 or later.

See Also

https://github.com/mlflow/mlflow/commit/bb62e773263c14e9ba4d1a82fe72d0de2442c6aa

https://huntr.com/bounties/5aeff5f0-49c7-4180-b5cb-c9a046f16756

Plugin Details

Severity: High

ID: 115253

Type: Check Based

Published: 5/28/2026

Updated: 5/28/2026

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:C/A:P

CVSS Score Source: CVE-2026-2652

CVSS v3

Risk Factor: High

Base Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

CVSS Score Source: CVE-2026-2652

Vulnerability Information

CPE: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/14/2026

Vulnerability Publication Date: 5/14/2026

Reference Information

CVE: CVE-2026-2652