CVE-2025-15381
Modified Modified - Updated After Analysis

Unauthorized Access in mlflow Basic-Auth App Exposes Trace Data

Vulnerability report for CVE-2025-15381, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-27

Last updated on: 2026-06-30

Assigner: huntr.dev

Description

In the latest version of mlflow/mlflow, when the `basic-auth` app is enabled, tracing and assessment endpoints are not protected by permission validators. This allows any authenticated user, including those with `NO_PERMISSIONS` on the experiment, to read trace information and create assessments for traces they should not have access to. This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Deployments using `mlflow server --app-name=basic-auth` are affected.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-27
Last Modified
2026-06-30
Generated
2026-07-06
AI Q&A
2026-03-27
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
lfprojects mlflow *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-425 The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, you should avoid using the `basic-auth` app in mlflow server deployments until a fix is available, as the tracing and assessment endpoints are not properly protected.

Ensure that permission validators are correctly applied to tracing and assessment endpoints to prevent unauthorized users from accessing or creating trace information.

Monitor for updates or patches from the mlflow project that address this issue and apply them promptly.

Executive Summary

This vulnerability exists in the latest version of mlflow/mlflow when the basic-auth app is enabled. Specifically, tracing and assessment endpoints are not protected by permission validators. As a result, any authenticated user, even those with no permissions on the experiment, can read trace information and create assessments for traces they should not have access to.

This means unauthorized users can access sensitive trace metadata and manipulate assessments, which compromises both confidentiality and integrity.

Impact Analysis

The vulnerability can impact you by exposing sensitive trace metadata to unauthorized users, which compromises confidentiality.

Additionally, it allows unauthorized users to create assessments for traces, impacting the integrity of the data.

This could lead to unauthorized information disclosure and potential manipulation of trace assessments within your mlflow deployment.

Compliance Impact

This vulnerability impacts confidentiality by exposing trace metadata and integrity by allowing unauthorized creation of assessments. Such exposure of sensitive information and unauthorized actions could lead to non-compliance with standards and regulations that require strict access controls and protection of sensitive data, such as GDPR and HIPAA.

Specifically, since any authenticated user can access trace information and create assessments without proper permissions, this could result in unauthorized disclosure of personal or sensitive data, violating confidentiality requirements mandated by these regulations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-15381. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart