CVE-2024-43779

Severity: High · Public PoC

Published: 06 February 2025
Modified: 05 September 2025
KEV Added: not listed
Patch: (none listed)
CVSS Score v3.1: 7.7 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
EPSS Score: 0.0034 (56.9th percentile)
Risk Priority: 16 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-43779 is a high-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in ClearML Enterprise Server (vendor: Clear). Its CVSS v3.1 base score is 7.7 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Credential Access (T1212). The CVE ranks in the top 43.1% of CVEs by exploit likelihood (EPSS), is not currently listed in the CISA KEV catalog, and has a referenced public proof-of-concept.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AU-13 (Monitoring for Information Disclosure).

Deeper analysis

CVE-2024-43779 is an information disclosure vulnerability in the Vault API functionality of ClearML Enterprise Server version 3.22.5-1533. It allows a specially crafted HTTP request to read vaults that have been previously disabled, potentially leaking sensitive credentials stored within them. The issue is classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) and CWE-522 (Insufficiently Protected Credentials), with a CVSS v3.1 base score of 7.7 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

An attacker with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). By sending a series of HTTP requests, the attacker can read the contents of disabled vaults, causing a high confidentiality impact (C:H) with a scope change (S:C), meaning the disclosed secrets can affect resources beyond the vulnerable Vault API component itself, while integrity and availability are unaffected (I:N/A:N).

Mitigation details are available in the Talos Intelligence advisory at https://talosintelligence.com/vulnerability_reports/TALOS-2024-2112. The vulnerability was published on 2025-02-06.

ClearML Enterprise Server is part of an AI/ML operations platform for managing machine learning experiments and pipelines, so leaked vault credentials are particularly sensitive: they typically grant access to models, training data, or compute resources used by AI workflows. No in-the-wild exploitation has been reported in the information available here.

Vulnerability details

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP requests to trigger this vulnerability.

Related Threats

MITRE ATT&CK Enterprise Techniques

- T1212 Exploitation for Credential Access (tactic: Credential Access): Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
- T1552 Unsecured Credentials (tactic: Credential Access): Adversaries may search compromised systems to find and obtain insecurely stored credentials.
- T1602 Data from Configuration Repository (tactic: Collection): Adversaries may collect data related to managed devices from configuration repositories.

Why these techniques?

The vulnerability allows authenticated low-privilege users to read disabled vaults via the API, disclosing sensitive credentials and configuration data. That maps to exploitation for credential access (T1212), theft of unsecured credentials (T1552), and collection of data from a configuration repository (T1602).

CVEs Like This One

- CVE-2024-39272: same product (ClearML Enterprise Server, vendor Clear)
- CVE-2026-45091: shared CWE-200, CWE-522
- CVE-2026-32633: shared CWE-200, CWE-522
- CVE-2025-2277: shared CWE-200, CWE-522
- CVE-2025-11749: shared CWE-200
- CVE-2026-41266: shared CWE-200, CWE-522
- CVE-2026-40173: shared CWE-200, CWE-522
- CVE-2026-22240: shared CWE-200, CWE-522
- CVE-2026-29872: shared CWE-200, CWE-522
- CVE-2024-34897: shared CWE-200

Affected Assets

Vendor: clear
Product: clearml enterprise server
Version: 3.22.5-1533

Mitigating Controls (NIST 800-53 r5)

- Prevent: AC-3 (Access Enforcement) enforces approved authorizations for logical access, directly preventing low-privileged users from reading disabled vaults via crafted API requests.
- Prevent: SI-10 (Information Input Validation) validates inputs such as specially crafted HTTP requests to the Vault API, blocking the request pattern that leads to credential disclosure.
- Detect: AU-13 (Monitoring for Information Disclosure) monitors for information disclosure, identifying unauthorized access to disabled vaults and potential leakage of sensitive credentials.