PatchSiren cyber security CVE debrief
CVE-2025-15381 mlflow CVE debrief
CVE-2025-15381 is a high-severity vulnerability in the mlflow/mlflow project. When the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. The vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected. Users should update to a patched version as soon as possible.
- Vendor: mlflow
- Product: mlflow/mlflow
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-27
- Original CVE updated: 2026-06-30
- Advisory published: 2026-03-27
- Advisory updated: 2026-06-30
Who should care
Anyone running an MLflow tracking server with `mlflow server --app-name=basic-auth` is in scope; servers run without the `basic-auth` app are not affected by this particular issue. The deployments most exposed are shared, multi-user servers that rely on per-experiment permissions to keep tenants or teams apart, because the flaw bypasses exactly those controls for traces and assessments. Security teams should treat this as a privilege-escalation issue within the MLflow permission model and prioritize patching or mitigation.
Technical summary
With the `basic-auth` app enabled, MLflow enforces per-experiment permissions (the advisory names `NO_PERMISSIONS` as the lowest level) through validators attached to experiment-scoped endpoints. The tracing and assessment endpoints are not wired to those validators, so a request to read a trace or to attach an assessment to one is never checked against the caller's permission on the experiment the trace belongs to. Any account that can authenticate to the server, including one explicitly granted `NO_PERMISSIONS` on the experiment, can therefore read trace data and create assessments for traces it should not be able to see. The root cause is a missing authorization check, not an authentication bypass: a valid login is still required. The issue carries a CVSS score of 7.1 (high).
Defensive priority
High. Traces can contain prompts, model inputs and outputs, and other request metadata, so unauthorized reads are a confidentiality problem, and unauthorized assessments can corrupt evaluation data that downstream processes trust. Defenders should patch or mitigate promptly, with multi-tenant servers first.
Recommended defensive actions
- Update to a patched version of mlflow/mlflow as soon as one is available.
- Disable the `basic-auth` app if it is not required, or restrict who can hold an account on the server, since any authenticated account can exercise the flaw.
- Until patched, put the server behind a reverse proxy or API gateway that restricts the tracing and assessment API routes to trusted users, or blocks them entirely where tracing is not used.
- Monitor access logs for accounts requesting traces or creating assessments under experiments on which they hold `NO_PERMISSIONS` or no explicit grant.
- Review user permissions and the configured default permission so that each account holds the least privilege it needs; remove stale accounts.
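The technical summary describes the flaw as a missing authorization check, and the mitigation list recommends adding permission checks for these endpoints. The following added example is not MLflow's code: it models the permission levels, a tiny in-memory trace store, and two handler styles, one that never consults the permission table (the vulnerable pattern) and one that resolves a trace to its experiment and applies the experiment permission before serving the request (the hardened pattern). The store, the `Trace` class, the function names, and the users `alice` and `mallory` are all assumed for illustration; only the `NO_PERMISSIONS` level and the experiment-scoped permission model are taken from the advisory.

```python
from dataclasses import dataclass, field
from enum import Enum


class Permission(Enum):
    # Ordered permission levels. NO_PERMISSIONS is named in the advisory;
    # the other names are assumed for this example.
    NO_PERMISSIONS = 0
    READ = 1
    EDIT = 2
    MANAGE = 3


class Forbidden(Exception):
    """Raised for both 'no permission' and 'no such trace' so the error is
    not an existence oracle for traces in experiments the caller cannot see."""


@dataclass
class Trace:
    trace_id: str
    experiment_id: str
    assessments: list = field(default_factory=list)


@dataclass
class Store:
    # Hypothetical stand-in for the tracking store plus the permission table:
    # (username, experiment_id) -> Permission. Users without an explicit row
    # fall back to default_permission, mirroring a configurable default.
    traces: dict
    permissions: dict
    default_permission: Permission = Permission.READ

    def experiment_permission(self, user, experiment_id):
        return self.permissions.get((user, experiment_id), self.default_permission)


# --- vulnerable pattern: trace endpoints never look at the permission table ---
def get_trace_unchecked(store, user, trace_id):
    return store.traces[trace_id]


def create_assessment_unchecked(store, user, trace_id, assessment):
    store.traces[trace_id].assessments.append((user, assessment))


# --- hardened pattern: resolve the trace's experiment, then validate ---
def require_experiment_permission(store, user, experiment_id, minimum):
    perm = store.experiment_permission(user, experiment_id)
    if perm.value < minimum.value:
        raise Forbidden(f"{user} has {perm.name} on experiment {experiment_id}")


def _resolve(store, user, trace_id, minimum):
    trace = store.traces.get(trace_id)
    if trace is None:
        raise Forbidden("trace not found or not permitted")
    require_experiment_permission(store, user, trace.experiment_id, minimum)
    return trace


def get_trace_checked(store, user, trace_id):
    return _resolve(store, user, trace_id, Permission.READ)


def create_assessment_checked(store, user, trace_id, assessment):
    # Writing an assessment is a mutation, so require EDIT rather than READ.
    trace = _resolve(store, user, trace_id, Permission.EDIT)
    trace.assessments.append((user, assessment))
    return trace


def demo():
    """Constructed scenario: mallory holds NO_PERMISSIONS on exp-42."""
    store = Store(
        traces={"tr-1": Trace("tr-1", experiment_id="exp-42")},
        permissions={
            ("alice", "exp-42"): Permission.MANAGE,
            ("mallory", "exp-42"): Permission.NO_PERMISSIONS,
        },
    )
    out = {}
    # Unchecked endpoints: the read succeeds and the assessment is stored.
    out["unchecked_read"] = get_trace_unchecked(store, "mallory", "tr-1").trace_id
    create_assessment_unchecked(store, "mallory", "tr-1", {"name": "quality", "value": 1})
    out["unchecked_assessments"] = len(store.traces["tr-1"].assessments)
    # Checked endpoints: the same user is refused both operations.
    for key, call in (
        ("checked_read_denied", lambda: get_trace_checked(store, "mallory", "tr-1")),
        ("checked_assessment_denied", lambda: create_assessment_checked(
            store, "mallory", "tr-1", {"name": "quality", "value": 0})),
        ("missing_trace_denied", lambda: get_trace_checked(store, "alice", "tr-999")),
    ):
        try:
            call()
            out[key] = False
        except Forbidden:
            out[key] = True
    out["checked_assessments"] = len(store.traces["tr-1"].assessments)
    out["alice_read"] = get_trace_checked(store, "alice", "tr-1").trace_id
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point to carry over to a real deployment is that a trace is only ever authorized through the experiment that owns it, so the check must resolve that ownership first and then apply the same validator the experiment endpoints use; a missing trace and a forbidden trace should also produce the same response so the endpoint does not confirm which trace IDs exist.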
Evidence notes
The vulnerability was reported by [email protected] and is documented in the CVE and NVD records, with Red Hat among the third parties that have published additional references. The available evidence does not state which mlflow/mlflow versions introduced the flaw or which release fixes it, so operators should confirm the fixed version from the project's own advisory before assuming they are patched.
Official resources
- CVE-2025-15381 CVE record (CVE.org)
- CVE-2025-15381 NVD detail (NVD)
- Source item: nvd_modified
- Mitigation or vendor reference: [email protected] - Exploit, Third Party Advisory
- Source reference: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article was generated with AI assistance based on the supplied source corpus.