CVE-2025-14287

{"id": "CVE-2025-14287", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-03-16T14:17:55.610", "references": [{"url": "https://huntr.com/bounties/229cd526-41aa-4819-b6f0-e2d0371c89e3", "tags": ["Exploit", "Third Party Advisory"], "source": "security@huntr.dev"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, which are then executed using `os.system()`. This allows attackers to execute arbitrary commands by supplying malicious input through the `--container` parameter of the CLI. The issue affects environments where MLflow is used, including development setups, CI/CD pipelines, and cloud deployments."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de comandos existe en las versiones de mlflow/mlflow anteriores a la v3.7.0, espec\u00edficamente en el archivo 'mlflow/sagemaker/__init__.py' en las l\u00edneas 161-167. La vulnerabilidad surge de la interpolaci\u00f3n directa de nombres de im\u00e1genes de contenedores proporcionados por el usuario en comandos de shell sin una sanitizaci\u00f3n adecuada, los cuales son luego ejecutados usando 'os.system()'. Esto permite a los atacantes ejecutar comandos arbitrarios al proporcionar entrada maliciosa a trav\u00e9s del par\u00e1metro '--container' de la CLI. El problema afecta a los entornos donde se utiliza MLflow, incluyendo configuraciones de desarrollo, pipelines de CI/CD y despliegues en la nube."}], "lastModified": "2026-04-14T16:48:14.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lfprojects:mlflow:*:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6067BA6F-1194-4135-AAB5-56C8393D3260", "versionEndExcluding": "3.7.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}