Directory Traversal Vulnerability in mlflow Platform (up to v2.0.1) Allows Arbitrary File Read
CVE-2023-30172 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter.
Learn more about our Cis Benchmark Audit For Server Software.