CVE-2025-15381
Received Received - Intake
Unauthorized Access in mlflow Basic-Auth App Exposes Trace Data

Publication date: 2026-03-27

Last updated on: 2026-04-28

Assigner: huntr.dev

Description
In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-27
Last Modified
2026-04-28
Generated
2026-06-16
AI Q&A
2026-03-27
EPSS Evaluated
2026-06-14
NVD
CVE-2025-15381
EUVD
EUVD-2025-209100
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
lfprojects mlflow *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the latest version of mlflow/mlflow when the basic-auth app is enabled. Specifically, tracing and assessment endpoints are not protected by permission validators. As a result, any authenticated user, even those with no permissions on the experiment, can read trace information and create assessments for traces they should not have access to.

This means unauthorized users can access sensitive trace metadata and manipulate assessments, which compromises both confidentiality and integrity.

Mitigation Strategies

To mitigate this vulnerability, you should avoid using the `basic-auth` app in mlflow server deployments until a fix is available, as the tracing and assessment endpoints are not properly protected.

Ensure that permission validators are correctly applied to tracing and assessment endpoints to prevent unauthorized users from accessing or creating trace information.

Monitor for updates or patches from the mlflow project that address this issue and apply them promptly.

Impact Analysis

The vulnerability can impact you by exposing sensitive trace metadata to unauthorized users, which compromises confidentiality.

Additionally, it allows unauthorized users to create assessments for traces, impacting the integrity of the data.

This could lead to unauthorized information disclosure and potential manipulation of trace assessments within your mlflow deployment.

Compliance Impact

This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Such exposure of sensitive information and unauthorized actions could lead to non-compliance with standards and regulations that require strict access controls and protection of sensitive data, such as GDPR and HIPAA.

Specifically, since any authenticated user can access trace information and create assessments without proper permissions, this could result in unauthorized disclosure of personal or sensitive data, violating confidentiality requirements mandated by these regulations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-15381. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart