CVE-2025-11200

MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from weak password requirements. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26916.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/mlflow/mlflow/commit/1f74f3f24d8273927b8db392c23e108576936c54	Patch
https://www.zerodayinitiative.com/advisories/ZDI-25-932/	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*

History

04 Nov 2025, 21:18

Type	Values Removed	Values Added
References	~~() https://github.com/mlflow/mlflow/commit/1f74f3f24d8273927b8db392c23e108576936c54 -~~	() https://github.com/mlflow/mlflow/commit/1f74f3f24d8273927b8db392c23e108576936c54 - Patch
References	~~() https://www.zerodayinitiative.com/advisories/ZDI-25-932/ -~~	() https://www.zerodayinitiative.com/advisories/ZDI-25-932/ - Third Party Advisory
CPE		cpe:2.3:a:lfprojects:mlflow::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~8.1~~	v2 : unknown v3 : 9.8
First Time		Lfprojects mlflow Lfprojects

Information

Published : 2025-10-29 20:15

Updated : 2025-11-04 21:18

NVD link : CVE-2025-11200

Mitre link : CVE-2025-11200

CVE.ORG link : CVE-2025-11200

JSON object : View

Products Affected

lfprojects

mlflow

CWE

CWE-521

Weak Password Requirements

{"id": "CVE-2025-11200", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}], "cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-10-29T20:15:35.543", "references": [{"url": "https://github.com/mlflow/mlflow/commit/1f74f3f24d8273927b8db392c23e108576936c54", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-932/", "tags": ["Third Party Advisory"], "source": "[email protected]"}], "vulnStatus": "Undergoing Analysis", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-521"}]}], "descriptions": [{"lang": "en", "value": "MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of passwords. The issue results from weak password requirements. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26916."}], "lastModified": "2025-11-04T21:18:26.650", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75AF2251-F08D-4033-8EE3-7777D6A5436B", "versionEndIncluding": "2.21.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}