CVE-2024-24595 Information

Description

Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance resulting in a compromised server leaking all user emails and passwords.

Reference

https://hiddenlayer.com/research/not-so-clear-how-mlops-solutions-can-muddy-the-waters-of-your-supply-chain/